CVE-2025-29931

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant Telecontrol Server Basic setups and only if the connection between the redundant servers has been disrupted.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-395348.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*

History

19 Aug 2025, 14:48

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-395348.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-395348.html - Vendor Advisory
First Time		Siemens telecontrol Server Basic Siemens
Summary		(es) Se ha identificado una vulnerabilidad en TeleControl Server Basic (todas las versiones anteriores a V3.1.2.2). El producto afectado no valida correctamente el campo de longitud en un mensaje serializado, que utiliza para determinar la cantidad de memoria que se asignará para la deserialización. Esto podría permitir que un atacante remoto no autenticado provoque que la aplicación asigne cantidades excesivas de memoria y, posteriormente, genere una condición de denegación de servicio parcial. Esta vulnerabilidad solo se puede explotar con éxito en configuraciones redundantes de Telecontrol Server Basic y solo si se interrumpe la conexión entre los servidores redundantes.
CPE		cpe:2.3:a:siemens:telecontrol_server_basic::::::::

17 Apr 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-17 11:15

Updated : 2025-08-19 14:48

NVD link : CVE-2025-29931

Mitre link : CVE-2025-29931

CVE.ORG link : CVE-2025-29931

JSON object : View

Products Affected

siemens

telecontrol_server_basic

CWE

CWE-130

Improper Handling of Length Parameter Inconsistency

3.7 /10