Vulnerabilites related to Siemens - SCALANCE X204-2 (incl. SIPLUS NET variant)
cve-2021-25668
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X200-4P IRT |
Version: All versions < 5.5.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204 IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2LD (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X208 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X212-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF204 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF204-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T10:47:23", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-25668", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X200-4P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X201-3P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X201-3P IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2P IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204 IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2FM", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2LD (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2LD TS", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2TS", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X206-1", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X206-1LD", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X208 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X208PRO", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X212-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X212-2LD", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X216", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X224", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF201-3P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF202-2P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF204", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF204 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF204-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF204-2BA IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF206-1", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF208", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25668", datePublished: "2021-04-22T20:42:20", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T20:11:27.504Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25669
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SCALANCE X200-4P IRT |
Version: All versions < 5.5.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.908Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204 IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE X204-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2LD (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X208 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X212-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE X224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF204 IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF204-2 (incl. SIPLUS NET variant)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 5.5.1", }, ], }, { product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { product: "SCALANCE XF208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T10:47:24", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-25669", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SCALANCE X200-4P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X201-3P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X201-3P IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X202-2P IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204 IRT PRO", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE X204-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2FM", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2LD (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2LD TS", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X204-2TS", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X206-1", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X206-1LD", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X208 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X208PRO", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X212-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X212-2LD", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X216", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE X224", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF201-3P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF202-2P IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF204", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF204 IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF204-2 (incl. SIPLUS NET variant)", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF204-2BA IRT", version: { version_data: [ { version_value: "All versions < 5.5.1", }, ], }, }, { product_name: "SCALANCE XF206-1", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, { product_name: "SCALANCE XF208", version: { version_data: [ { version_value: "All versions < V5.2.5", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121: Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25669", datePublished: "2021-04-22T20:42:20", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T20:11:27.908Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }