Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-25667
HistoryMar 15, 2021 - 5:15 p.m.

CVE-2021-25667

2021-03-1517:15:21
CWE-121
CWE-787
[email protected]
web.nvd.nist.gov
29
4
cve-2021-25667
vulnerability
ruggedcom rm1224
scalance m-800
scalance s615
scalance sc-600
scalance xb-200
scalance xc-200
scalance xf-200ba
scalance xm400
scalance xp-200
scalance xr-300wg
scalance xr500
buffer overflow
denial of service
remote code execution

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.

Affected configurations

NVD
Node
siemensruggedcom_rm1224_firmwareRange4.36.4
AND
siemensruggedcom_rm1224Match-
Node
siemensscalance_m-800_firmwareRange4.36.4
AND
siemensscalance_m-800Match-
Node
siemensscalance_s615_firmwareRange4.36.4
AND
siemensscalance_s615Match-
Node
siemensscalance_x300wg_firmwareRange<4.1
AND
siemensscalance_x300wgMatch-
Node
siemensscalance_xm400_firmwareRange<6.2
AND
siemensscalance_xm400Match-
Node
siemensscalance_xr500_firmwareRange<6.2
AND
siemensscalance_xr500Match-
Node
siemensscalance_sc622-2c_firmwareRange2.0
OR
siemensscalance_sc622-2c_firmwareRange2.12.1.3
AND
siemensscalance_sc622-2cMatch-
Node
siemensscalance_sc632-2c_firmwareRange2.0
OR
siemensscalance_sc632-2c_firmwareRange2.12.1.3
AND
siemensscalance_sc632-2cMatch-
Node
siemensscalance_sc636-2c_firmwareRange2.0
OR
siemensscalance_sc636-2c_firmwareRange2.12.1.3
AND
siemensscalance_sc636-2cMatch-
Node
siemensscalance_sc642-2c_firmwareRange2.0
OR
siemensscalance_sc642-2c_firmwareRange2.12.1.3
AND
siemensscalance_sc642-2cMatch-
Node
siemensscalance_sc646-2c_firmwareRange2.0
OR
siemensscalance_sc646-2c_firmwareRange2.12.1.3
AND
siemensscalance_sc646-2cMatch-
Node
siemensscalance_xb-200_firmwareRange<4.1
AND
siemensscalance_xb-200Match-
Node
siemensscalance_xc-200_firmwareRange<4.1
AND
siemensscalance_xc-200Match-
Node
siemensscalance_xf-200ba_firmwareRange<4.1
AND
siemensscalance_xf-200baMatch-
Node
siemensscalance_xp-200_firmwareRange<4.1
AND
siemensscalance_xp-200Match-

CNA Affected

[
  {
    "product": "RUGGEDCOM RM1224",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions >= V4.3 and < V6.4"
      }
    ]
  },
  {
    "product": "SCALANCE M-800",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions >= V4.3 and < V6.4"
      }
    ]
  },
  {
    "product": "SCALANCE S615",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions >= V4.3 and < V6.4"
      }
    ]
  },
  {
    "product": "SCALANCE SC-600 Family",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions >= V2.0 and < V2.1.3"
      }
    ]
  },
  {
    "product": "SCALANCE XB-200",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.1"
      }
    ]
  },
  {
    "product": "SCALANCE XC-200",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.1"
      }
    ]
  },
  {
    "product": "SCALANCE XF-200BA",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.1"
      }
    ]
  },
  {
    "product": "SCALANCE XM400",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V6.2"
      }
    ]
  },
  {
    "product": "SCALANCE XP-200",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.1"
      }
    ]
  },
  {
    "product": "SCALANCE XR-300WG",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.1"
      }
    ]
  },
  {
    "product": "SCALANCE XR500",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V6.2"
      }
    ]
  }
]

Social References

More

Related

prion 1
nessus 1
ics 1
cvelist 1
nvd 1
threatpost 1
prion
prion
Stack overflow
2021-03-15 17:15:00
nessus
nessus
Siemens SCALANCE and RUGGEDCOM Devices Stack-Based Buffer Overflow (CVE-2021-25667)
2023-04-05 00:00:00
ics
ics
Siemens SCALANCE and RUGGEDCOM Devices (Update A)
2021-04-13 12:00:00
cvelist
cvelist
CVE-2021-25667
2021-03-15 17:03:31
nvd
nvd
CVE-2021-25667
2021-03-15 17:15:21
threatpost
threatpost
How the NAME:WRECK Bugs Impact Consumers, Businesses
2021-04-13 21:03:41

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON
Related for CVE-2021-25667
prion1nessus1ics1cvelist1nvd1threatpost1