What is GHSA-rmq3-87p9-r2fp?

GHSA-rmq3-87p9-r2fp is a security advisory published by GitHub Security Advisories with High severity. A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl....

Which CVE IDs does GHSA-rmq3-87p9-r2fp cover?

GHSA-rmq3-87p9-r2fp covers the following CVE IDs: CVE-2021-25660. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-rmq3-87p9-r2fp?

GHSA-rmq3-87p9-r2fp has a CVSS v3 base score of 7.5, published by GitHub Security Advisories.

GHSA-rmq3-87p9-r2fpHighCVSS 7.5

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl....

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2021-25660 →

📋 Description

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2021-25660
https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf
https://github.com/advisories/GHSA-rmq3-87p9-r2fp