Vulnerabilites related to Siemens - SCALANCE MUB852-1 (A1)
cve-2025-23384
Vulnerability from cvelistv5
Published
2025-03-11 09:48
Modified
2025-03-11 14:00
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2.1), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) (All versions < V8.2.1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2.1), SCALANCE SC-600 family (All versions). Affected devices improperly validate usernames during OpenVPN authentication. This could allow an attacker to get partial invalid usernames accepted by the server.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) EU Version: 0   < V8.2.1
Create a notification for this product.
   Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M804PB Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M812-1 ADSL-Router family Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M816-1 ADSL-Router family Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M826-2 SHDSL-Router Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M874-2 Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M874-3 Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M874-3 3G-Router (CN) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M876-3 Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M876-3 (ROK) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M876-4 Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M876-4 (EU) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE M876-4 (NAM) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUB852-1 (A1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUB852-1 (B1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM853-1 (A1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM853-1 (B1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM853-1 (EU) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM856-1 (A1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM856-1 (B1) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM856-1 (CN) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM856-1 (EU) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE MUM856-1 (RoW) Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE S615 EEC LAN-Router Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE S615 LAN-Router Version: 0   < V8.2.1
Create a notification for this product.
   Siemens SCALANCE SC-600 family Version: 0   < *
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-23384",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-11T13:59:10.263039Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-11T14:00:28.471Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               product: "RUGGEDCOM RM1224 LTE(4G) EU",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "RUGGEDCOM RM1224 LTE(4G) NAM",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M804PB",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M812-1 ADSL-Router family",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M816-1 ADSL-Router family",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M826-2 SHDSL-Router",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M874-2",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M874-3",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M874-3 3G-Router (CN)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M876-3",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M876-3 (ROK)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M876-4",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M876-4 (EU)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE M876-4 (NAM)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUB852-1 (A1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUB852-1 (B1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM853-1 (A1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM853-1 (B1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM853-1 (EU)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM856-1 (A1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM856-1 (B1)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM856-1 (CN)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM856-1 (EU)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE MUM856-1 (RoW)",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE S615 EEC LAN-Router",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE S615 LAN-Router",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "V8.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               product: "SCALANCE SC-600 family",
               vendor: "Siemens",
               versions: [
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2.1), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) (All versions < V8.2.1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2.1), SCALANCE SC-600 family (All versions). Affected devices improperly validate usernames during OpenVPN authentication. This could allow an attacker to get partial invalid usernames accepted by the server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
                  version: "3.1",
               },
            },
            {
               cvssV4_0: {
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                  version: "4.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-187",
                     description: "CWE-187: Partial String Comparison",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-11T09:48:08.341Z",
            orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            shortName: "siemens",
         },
         references: [
            {
               url: "https://cert-portal.siemens.com/productcert/html/ssa-280834.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
      assignerShortName: "siemens",
      cveId: "CVE-2025-23384",
      datePublished: "2025-03-11T09:48:08.341Z",
      dateReserved: "2025-01-15T07:34:32.934Z",
      dateUpdated: "2025-03-11T14:00:28.471Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}