CVE-2021-25667

CVSS V2 Medium 5.8 CVSS V3 High 8.8
Description
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.
Overview
  • CVE ID
  • CVE-2021-25667
  • Assigner
  • productcert@siemens.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2021-03-15T17:15:21
  • Last Modified Date
  • 2022-10-19T19:26:06
Weakness Enumerations
CWE URL
CWE-121 http://cwe.mitre.org/data/definitions/121.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:* 1 OR 4.3 6.4
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* 1 OR 4.3 6.4
cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* 1 OR 4.3 6.4
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_x300wg_firmware:*:*:*:*:*:*:*:* 1 OR 4.1
cpe:2.3:h:siemens:scalance_x300wg:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* 1 OR 6.2
cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* 1 OR 6.2
cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.0
cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.1 2.1.3
cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.0
cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.1 2.1.3
cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.0
cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.1 2.1.3
cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.0
cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.1 2.1.3
cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.0
cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:* 1 OR 2.1 2.1.3
cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* 1 OR 4.1
cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* 1 OR 4.1
cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* 1 OR 4.1
cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* 1 OR 4.1
cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:A/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • ADJACENT_NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5.8
  • Severity
  • MEDIUM
  • Exploitability Score
  • 6.5
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • ADJACENT_NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 8.8
  • Base Severity
  • HIGH
  • Exploitability Score
  • 2.8
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 Third Party Advisory US Government Resource
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2021-25667
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25667
History
Created Old Value New Value Data Type Notes
2022-05-10 07:14:39 Added to TrackCVE
2022-12-05 23:45:36 2021-03-15T17:15Z 2021-03-15T17:15:21 CVE Published Date updated
2022-12-05 23:45:36 2022-10-19T19:26:06 CVE Modified Date updated
2022-12-05 23:45:36 Analyzed Vulnerability Status updated