Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2021-25667
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5.8/10
- Exploit Score
- 6.5/10
- Access Vector
- Adjacent_network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 6.4/10
- Confidentiality Impact
- Partial
- Availability Impact
- Partial
- Integrity Impact
- Partial
CVSSv3.1 Score
- Severity
- High
- Base Score
- 8.8/10
- Exploit Score
- 2.8/10
- Access Vector
- Adjacent_network
- Access Complexity
- Low
- Privileges Required
- None
- Impact Score
- 5.9/10
- Confidentiality Impact
- High
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:* |
Yes
|
4.3 | 6.4 | |
| cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* |
Yes
|
4.3 | 6.4 | |
| cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* |
Yes
|
4.3 | 6.4 | |
| cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_x300wg_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 4.1 | |
| cpe:2.3:h:siemens:scalance_x300wg:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 6.2 | |
| cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 6.2 | |
| cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
2.1 | 2.1.3 | |
| cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
2.1 | 2.1.3 | |
| cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
2.1 | 2.1.3 | |
| cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
2.1 | 2.1.3 | |
| cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:* |
Yes
|
2.1 | 2.1.3 | |
| cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 4.1 | |
| cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 4.1 | |
| cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 4.1 | |
| cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* |
Yes
|
- | 4.1 | |
| cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:* |
No
|
- |