CVE-2021-25667

A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.
References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf Patch Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:scalance_x300wg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x300wg:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
OR cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
OR cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*

History

19 Oct 2022, 19:26

Type Values Removed Values Added
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf - Vendor Advisory (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf - Patch, Vendor Advisory
References (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 - Third Party Advisory, US Government Resource (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 - Patch, Third Party Advisory, US Government Resource

22 Apr 2021, 21:15

Type Values Removed Values Added
Summary A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3), SCALANCE M-800 (All versions >= V4.3), SCALANCE S615 (All versions >= V4.3), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE X300WG (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XR500 (All versions < V6.2), SCALANCE Xx200 Family (All versions < V4.1). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active. A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.

19 Apr 2021, 19:04

Type Values Removed Values Added
References (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 - (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 - Third Party Advisory, US Government Resource
CPE cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*

15 Apr 2021, 22:15

Type Values Removed Values Added
References
  • (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03 -
CWE CWE-787 CWE-121

18 Mar 2021, 18:19

Type Values Removed Values Added
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf - Vendor Advisory
CWE CWE-121 CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : 5.8
v3 : 8.8
CPE cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x300wg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x300wg:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*

15 Mar 2021, 18:15

Type Values Removed Values Added
Summary A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3), SCALANCE M-800 (All versions >= V4.3), SCALANCE S615 (All versions >= V4.3), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE X300WG (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XR500 (All versions < V6.2), SCALANCE Xx200 Family (All versions < V4.1). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active. A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3), SCALANCE M-800 (All versions >= V4.3), SCALANCE S615 (All versions >= V4.3), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE X300WG (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XR500 (All versions < V6.2), SCALANCE Xx200 Family (All versions < V4.1). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.

15 Mar 2021, 18:00

Type Values Removed Values Added
New CVE

Information

Published : 2021-03-15 17:15

Updated : 2023-12-10 13:41


NVD link : CVE-2021-25667

Mitre link : CVE-2021-25667

CVE.ORG link : CVE-2021-25667


JSON object : View

Products Affected

siemens

  • scalance_sc636-2c_firmware
  • scalance_xf-200ba
  • scalance_sc632-2c_firmware
  • scalance_sc642-2c
  • scalance_xr500_firmware
  • scalance_sc632-2c
  • scalance_xr500
  • scalance_xc-200_firmware
  • scalance_sc642-2c_firmware
  • scalance_sc636-2c
  • ruggedcom_rm1224
  • scalance_xp-200_firmware
  • scalance_xm400_firmware
  • scalance_xp-200
  • scalance_m-800_firmware
  • scalance_s615_firmware
  • scalance_xm400
  • ruggedcom_rm1224_firmware
  • scalance_s615
  • scalance_x300wg_firmware
  • scalance_sc622-2c_firmware
  • scalance_xb-200_firmware
  • scalance_sc646-2c
  • scalance_sc622-2c
  • scalance_xb-200
  • scalance_x300wg
  • scalance_xc-200
  • scalance_xf-200ba_firmware
  • scalance_m-800
  • scalance_sc646-2c_firmware
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write