cvedb.io
CVE-2021-37166
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-08-02T13:15:07.897 · Last modified 2026-06-17T04:00:10.883

Summary

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker.

Affected products

swisslog-healthcare — hmi-3_control_panel_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when swisslog-healthcare ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.