CVE-2021-25668

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*

History

01 May 2022, 01:10

Type	Values Removed	Values Added
First Time		Siemens scalance X202-2p Irt Firmware Siemens scalance X202-2p Irt
CPE		cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x202-2p_irt:-:::::::*

14 Sep 2021, 11:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.
CWE	~~CWE-787~~	CWE-122

30 Apr 2021, 14:39

Type	Values Removed	Values Added
References	~~(MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf -~~	(MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf - Patch, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.5 v3 : 9.8
CWE	~~CWE-122~~	CWE-787
CPE		cpe:2.3:o:siemens:scalance_xf204_firmware:::::::: cpe:2.3:h:siemens:scalance_x202-2_irt:-:::::::* cpe:2.3:o:siemens:scalance_x208pro_firmware:::::::: cpe:2.3:o:siemens:scalance_xf204-2_firmware:::::::: cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x204-2:-:::::::* cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:::::::: cpe:2.3:h:siemens:scalance_xf204_irt:-:::::::* cpe:2.3:o:siemens:scalance_x212-2ld_firmware:::::::: cpe:2.3:h:siemens:scalance_x204_irt:-:::::::* cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:::::::: cpe:2.3:h:siemens:scalance_xf206-1:-:::::::* cpe:2.3:o:siemens:scalance_x216_firmware:::::::: cpe:2.3:o:siemens:scalance_xf208_firmware:::::::: cpe:2.3:h:siemens:scalance_x212-2:-:::::::* cpe:2.3:h:siemens:scalance_xf204:-:::::::* cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x206-1ld_firmware:::::::: cpe:2.3:h:siemens:scalance_xf208:-:::::::* cpe:2.3:h:siemens:scalance_x200-4p_irt:-:::::::* cpe:2.3:o:siemens:scalance_x204-2_firmware:::::::: cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x204-2ld:-:::::::* cpe:2.3:h:siemens:scalance_x206-1:-:::::::* cpe:2.3:h:siemens:scalance_x208:-:::::::* cpe:2.3:h:siemens:scalance_x216:-:::::::* cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:::::::: cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:::::::: cpe:2.3:h:siemens:scalance_x212-2ld:-:::::::* cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:::::::* cpe:2.3:h:siemens:scalance_x224:-:::::::* cpe:2.3:o:siemens:scalance_xf206-1_firmware:::::::: cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:::::::* cpe:2.3:o:siemens:scalance_x224_firmware:::::::: cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_xf204-2:-:::::::* cpe:2.3:o:siemens:scalance_x204-2ld_firmware:::::::: cpe:2.3:o:siemens:scalance_xf204_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:::::::* cpe:2.3:o:siemens:scalance_x204-2ts_firmware:::::::: cpe:2.3:o:siemens:scalance_x208_firmware:::::::: cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x204-2fm_firmware:::::::: cpe:2.3:h:siemens:scalance_x208pro:-:::::::* cpe:2.3:h:siemens:scalance_x204-2ts:-:::::::* cpe:2.3:o:siemens:scalance_x212-2_firmware:::::::: cpe:2.3:h:siemens:scalance_x204_irt_pro:-:::::::* cpe:2.3:h:siemens:scalance_x206-1ld:-:::::::* cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x204-2fm:-:::::::* cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:::::::* cpe:2.3:h:siemens:scalance_x201-3p_irt:-:::::::* cpe:2.3:o:siemens:scalance_x206-1_firmware:::::::: cpe:2.3:o:siemens:scalance_x204_irt_firmware::::::::

22 Apr 2021, 21:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-04-22 21:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-25668

Mitre link : CVE-2021-25668

CVE.ORG link : CVE-2021-25668

JSON object : View

Products Affected

siemens

scalance_x202-2p_irt_pro
scalance_xf204
scalance_x204-2_firmware
scalance_x204-2ts
scalance_x216_firmware
scalance_x204-2ld_firmware
scalance_xf201-3p_irt
scalance_xf204_irt
scalance_x204-2fm_firmware
scalance_xf206-1
scalance_xf202-2p_irt_firmware
scalance_x208pro
scalance_x212-2ld_firmware
scalance_x204-2
scalance_x204-2fm
scalance_x200-4p_irt
scalance_x208pro_firmware
scalance_xf208_firmware
scalance_xf201-3p_irt_firmware
scalance_x204-2ld
scalance_x201-3p_irt_pro
scalance_xf202-2p_irt
scalance_x208_firmware
scalance_x202-2_irt_firmware
scalance_x202-2p_irt
scalance_xf204-2ba_irt_firmware
scalance_x224
scalance_x204-2ld_ts_firmware
scalance_x202-2_irt
scalance_x208
scalance_x212-2
scalance_x212-2_firmware
scalance_x204_irt_pro_firmware
scalance_x204_irt
scalance_xf204_irt_firmware
scalance_xf206-1_firmware
scalance_x202-2p_irt_firmware
scalance_x224_firmware
scalance_x216
scalance_x204-2ts_firmware
scalance_x206-1_firmware
scalance_x204-2ld_ts
scalance_x201-3p_irt_pro_firmware
scalance_xf204-2ba_irt
scalance_x200-4p_irt_firmware
scalance_x204_irt_firmware
scalance_xf204_firmware
scalance_x201-3p_irt_firmware
scalance_xf204-2_firmware
scalance_xf208
scalance_x212-2ld
scalance_x204_irt_pro
scalance_xf204-2
scalance_x206-1ld
scalance_x201-3p_irt
scalance_x206-1ld_firmware
scalance_x206-1
scalance_x202-2p_irt_pro_firmware

CWE

CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write

9.8 /10