CVE-2021-25667

moderate-risk

Published 2021-03-15

A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.

Do I need to act?

0.30% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

ADJACENT_NETWORK / LOW complexity

Affected Products (15)

Ruggedcom Rm1224 Firmware

Scalance M-800 Firmware

Scalance S615 Firmware

Scalance X300Wg Firmware

Scalance Xm400 Firmware

Scalance Xr500 Firmware

Scalance Sc622-2C Firmware

Scalance Sc632-2C Firmware

Scalance Sc636-2C Firmware

Scalance Sc642-2C Firmware

Scalance Sc646-2C Firmware

Scalance Xb-200 Firmware

Scalance Xc-200 Firmware

Scalance Xf-200Ba Firmware

Scalance Xp-200 Firmware

Affected Vendors

Siemens

References (4)

Patch https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf

Patch https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03

Patch https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf

Patch https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03

/ 100

moderate-risk

Severity 27/34 · High

Exploitability 1/34 · Minimal

Exposure 18/34 · Moderate