CVE-2021-37164
Published: 2021-08-02
Priority: P355 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 3.40% (87.3th percentile)
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| swisslog-healthcare | hmi-3_control_panel_firmware | < 7.2.5.7 | 7.2.5.7 |
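CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |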
Suricata
ET EXPLOIT [PwnedPiper] Exploitation Attempt - Large Malformed Translogic Packet (CVE-2021-37164)
suricata·2021-08-03·CVSS 9.8
Rule:
```
alert udp any any -> $HOME_NET 12345 (msg:"ET EXPLOIT [PwnedPiper] Exploitation Attempt - Large Malformed Translogic Packet (CVE-2021-37164)"; dsize:>369; content:"TLPU"; startswith; fast_pattern; reference:cve,2021-37164; reference:url,www.armis.com/pwnedPiper; classtype:attempted-admin; sid:2033662; rev:2; metadata:attack_target Server, created_at 2021_08_03, cve CVE_2021_37164, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Exploit, updated_at 2022_05_03, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
```
No public exploits indexed.
No writeups or analysis indexed.
https://www.armis.com/PwnedPiper
https://www.swisslog-healthcare.com
https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37164-bulletin---off-by-three-stack-overflow-in-tcptxthread.pdf?rev=daf615075c71484c8059c906872a51e6&hash=1FCC1A5D921E231D71E6B95A9AA8B741
https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20