Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cnvd-2021-28699
Vulnerability from cnvd
Title: Siemens SCALANCE X-200 Web服务器堆栈缓冲区溢出漏洞
Description:
Siemens SCALANCE X switches用于连接工业组件,如可编程逻辑控制器(PLC)或人机接口(HMI)。
Siemens SCALANCE X-200 Web服务器存在堆栈缓冲区溢出漏洞。攻击者利用此漏洞导致设备拒绝服务或远程代码执行。
Severity: 高
Patch Name: Siemens SCALANCE X-200 Web服务器堆栈缓冲区溢出漏洞的补丁
Patch Description:
Siemens SCALANCE X switches用于连接工业组件,如可编程逻辑控制器(PLC)或人机接口(HMI)。
Siemens SCALANCE X-200 Web服务器存在堆栈缓冲区溢出漏洞。攻击者利用此漏洞导致设备拒绝服务或远程代码执行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
用户可参考如下供应商提供的安全公告获得补丁信息: https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf
Reference: https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf
Impacted products
| Name | ['Siemens SCALANCE X200-4P IRT < 5.5.1', 'Siemens SCALANCE X201-3P IRT < 5.5.1', 'Siemens SCALANCE X201-3P IRT PRO < 5.5.1', 'Siemens SCALANCE X202-2 IRT < 5.5.1', 'Siemens SCALANCE X202-2P IRT (incl. SIPLUS NET vari-ant) < 5.5.1', 'Siemens SCALANCE X202-2P IRT PRO < 5.5.1', 'Siemens SCALANCE X204 IRT < 5.5.1', 'Siemens SCALANCE X204 IRT PRO < 5.5.1', 'Siemens SCALANCE X204-2 (incl. SIPLUS NET variant)', 'Siemens SCALANCE XF206-1', 'Siemens SCALANCE XF208', 'Siemens SCALANCE X204-2LD (incl. SIPLUS NET vari-ant)', 'Siemens SCALANCE X204-2LD TS', 'Siemens SCALANCE X204-2TS', 'Siemens SCALANCE X206-1', 'Siemens SCALANCE X206-1LD', 'Siemens SCALANCE X208 (incl. SIPLUS NET variant)', 'Siemens SCALANCE X208PRO', 'Siemens SCALANCE X212-2 (incl. SIPLUS NET variant)', 'Siemens SCALANCE X212-2LD', 'Siemens SCALANCE X216', 'Siemens SCALANCE X224', 'Siemens SCALANCE XF201-3P IRT < 5.5.1', 'Siemens SCALANCE XF202-2P IRT < 5.5.1', 'Siemens SCALANCE XF204', 'Siemens SCALANCE XF204 IRT < 5.5.1', 'Siemens SCALANCE XF204-2BA IRT < 5.5.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-25669"
}
},
"description": "Siemens SCALANCE X switches\u7528\u4e8e\u8fde\u63a5\u5de5\u4e1a\u7ec4\u4ef6\uff0c\u5982\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u6216\u4eba\u673a\u63a5\u53e3\uff08HMI\uff09\u3002\n\nSiemens SCALANCE X-200 Web\u670d\u52a1\u5668\u5b58\u5728\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u8bbe\u5907\u62d2\u7edd\u670d\u52a1\u6216\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-28699",
"openTime": "2021-04-15",
"patchDescription": "Siemens SCALANCE X switches\u7528\u4e8e\u8fde\u63a5\u5de5\u4e1a\u7ec4\u4ef6\uff0c\u5982\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\uff08PLC\uff09\u6216\u4eba\u673a\u63a5\u53e3\uff08HMI\uff09\u3002\r\n\r\nSiemens SCALANCE X-200 Web\u670d\u52a1\u5668\u5b58\u5728\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u8bbe\u5907\u62d2\u7edd\u670d\u52a1\u6216\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SCALANCE X-200 Web\u670d\u52a1\u5668\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Siemens SCALANCE X200-4P IRT \u003c 5.5.1",
"Siemens SCALANCE X201-3P IRT \u003c 5.5.1",
"Siemens SCALANCE X201-3P IRT PRO \u003c 5.5.1",
"Siemens SCALANCE X202-2 IRT \u003c 5.5.1",
"Siemens SCALANCE X202-2P IRT (incl. SIPLUS NET vari-ant) \u003c 5.5.1",
"Siemens SCALANCE X202-2P IRT PRO \u003c 5.5.1",
"Siemens SCALANCE X204 IRT \u003c 5.5.1",
"Siemens SCALANCE X204 IRT PRO \u003c 5.5.1",
"Siemens SCALANCE X204-2 (incl. SIPLUS NET variant)",
"Siemens SCALANCE XF206-1",
"Siemens SCALANCE XF208",
"Siemens SCALANCE X204-2LD (incl. SIPLUS NET vari-ant)",
"Siemens SCALANCE X204-2LD TS",
"Siemens SCALANCE X204-2TS",
"Siemens SCALANCE X206-1",
"Siemens SCALANCE X206-1LD",
"Siemens SCALANCE X208 (incl. SIPLUS NET variant)",
"Siemens SCALANCE X208PRO",
"Siemens SCALANCE X212-2 (incl. SIPLUS NET variant)",
"Siemens SCALANCE X212-2LD",
"Siemens SCALANCE X216",
"Siemens SCALANCE X224",
"Siemens SCALANCE XF201-3P IRT \u003c 5.5.1",
"Siemens SCALANCE XF202-2P IRT \u003c 5.5.1",
"Siemens SCALANCE XF204",
"Siemens SCALANCE XF204 IRT \u003c 5.5.1",
"Siemens SCALANCE XF204-2BA IRT \u003c 5.5.1"
]
},
"referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf",
"serverity": "\u9ad8",
"submitTime": "2021-04-13",
"title": "Siemens SCALANCE X-200 Web\u670d\u52a1\u5668\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
CVE-2021-25669 (GCVE-0-2021-25669)
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X200-4P IRT |
Version: All versions < 5.5.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE X200-4P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X201-3P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X202-2 IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X202-2P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X204 IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X204 IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE X204-2 (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X204-2FM",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X204-2LD (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X204-2LD TS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X204-2TS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X206-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X206-1LD",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X208 (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X208PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X212-2 (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X212-2LD",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X216",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE X224",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE XF201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE XF202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE XF204",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE XF204 IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE XF204-2 (incl. SIPLUS NET variant)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE XF204-2BA IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 5.5.1"
}
]
},
{
"product": "SCALANCE XF206-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
},
{
"product": "SCALANCE XF208",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c 5.5.1), SCALANCE X201-3P IRT (All versions \u003c 5.5.1), SCALANCE X201-3P IRT PRO (All versions \u003c 5.5.1), SCALANCE X202-2 IRT (All versions \u003c 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions \u003c 5.5.1), SCALANCE X202-2P IRT PRO (All versions \u003c 5.5.1), SCALANCE X204 IRT (All versions \u003c 5.5.1), SCALANCE X204 IRT PRO (All versions \u003c 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X204-2FM (All versions \u003c V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X204-2LD TS (All versions \u003c V5.2.5), SCALANCE X204-2TS (All versions \u003c V5.2.5), SCALANCE X206-1 (All versions \u003c V5.2.5), SCALANCE X206-1LD (All versions \u003c V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X208PRO (All versions \u003c V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X212-2LD (All versions \u003c V5.2.5), SCALANCE X216 (All versions \u003c V5.2.5), SCALANCE X224 (All versions \u003c V5.2.5), SCALANCE XF201-3P IRT (All versions \u003c 5.5.1), SCALANCE XF202-2P IRT (All versions \u003c 5.5.1), SCALANCE XF204 (All versions \u003c V5.2.5), SCALANCE XF204 IRT (All versions \u003c 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE XF204-2BA IRT (All versions \u003c 5.5.1), SCALANCE XF206-1 (All versions \u003c V5.2.5), SCALANCE XF208 (All versions \u003c V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-14T10:47:24",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-25669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE X200-4P IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X201-3P IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X201-3P IRT PRO",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X202-2 IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X202-2P IRT PRO",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X204 IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X204 IRT PRO",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE X204-2 (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X204-2FM",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X204-2LD (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X204-2LD TS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X204-2TS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X206-1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X206-1LD",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X208 (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X208PRO",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X212-2 (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X212-2LD",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X216",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE X224",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE XF201-3P IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE XF202-2P IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE XF204",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE XF204 IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE XF204-2 (incl. SIPLUS NET variant)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE XF204-2BA IRT",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 5.5.1"
}
]
}
},
{
"product_name": "SCALANCE XF206-1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
},
{
"product_name": "SCALANCE XF208",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.2.5"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c 5.5.1), SCALANCE X201-3P IRT (All versions \u003c 5.5.1), SCALANCE X201-3P IRT PRO (All versions \u003c 5.5.1), SCALANCE X202-2 IRT (All versions \u003c 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions \u003c 5.5.1), SCALANCE X202-2P IRT PRO (All versions \u003c 5.5.1), SCALANCE X204 IRT (All versions \u003c 5.5.1), SCALANCE X204 IRT PRO (All versions \u003c 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X204-2FM (All versions \u003c V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X204-2LD TS (All versions \u003c V5.2.5), SCALANCE X204-2TS (All versions \u003c V5.2.5), SCALANCE X206-1 (All versions \u003c V5.2.5), SCALANCE X206-1LD (All versions \u003c V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X208PRO (All versions \u003c V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE X212-2LD (All versions \u003c V5.2.5), SCALANCE X216 (All versions \u003c V5.2.5), SCALANCE X224 (All versions \u003c V5.2.5), SCALANCE XF201-3P IRT (All versions \u003c 5.5.1), SCALANCE XF202-2P IRT (All versions \u003c 5.5.1), SCALANCE XF204 (All versions \u003c V5.2.5), SCALANCE XF204 IRT (All versions \u003c 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions \u003c V5.2.5), SCALANCE XF204-2BA IRT (All versions \u003c 5.5.1), SCALANCE XF206-1 (All versions \u003c V5.2.5), SCALANCE XF208 (All versions \u003c V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-25669",
"datePublished": "2021-04-22T20:42:20",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:27.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…