Search criteria
3 vulnerabilities found for scalance_w780_firmware by siemens
FKIE_CVE-2021-25666
Vulnerability from fkie_nvd - Published: 2021-02-09 18:15 - Updated: 2024-11-21 05:55
Severity ?
Summary
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_w780_firmware | * | |
| siemens | scalance_w780 | - | |
| siemens | scalance_w740_firmware | * | |
| siemens | scalance_w740 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w780_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9B4EC-DF55-4F8A-B130-C0F8F286441C",
"versionEndExcluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB406941-2C32-4551-8C1C-9E8DC4157E73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w740_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00F55236-C25F-4F93-B74C-AE75EEDBD388",
"versionEndExcluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFC9F18-3070-4F23-88D9-F40CDF884174",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions \u003c V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en la familia SCALANCE W780 y W740 (IEEE 802.11n) (todas las versiones anteriores a V6.3).\u0026#xa0;El env\u00edo de paquetes especialmente dise\u00f1ados por medio del protocolo ARP hacia un dispositivo afectado podr\u00eda causar una denegaci\u00f3n de servicio parcial, impidiendo al dispositivo funcionar normalmente durante un corto per\u00edodo de tiempo"
}
],
"id": "CVE-2021-25666",
"lastModified": "2024-11-21T05:55:15.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-09T18:15:51.573",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
CVE-2021-25666 (GCVE-0-2021-25666)
Vulnerability from cvelistv5 – Published: 2021-02-09 15:38 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.
Severity ?
No CVSS data available.
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SCALANCE W780 and W740 (IEEE 802.11n) family |
Affected:
All versions < V6.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE W780 and W740 (IEEE 802.11n) family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions \u003c V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T20:17:06",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-25666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE W780 and W740 (IEEE 802.11n) family",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V6.3"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions \u003c V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-25666",
"datePublished": "2021-02-09T15:38:21",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:27.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25666 (GCVE-0-2021-25666)
Vulnerability from nvd – Published: 2021-02-09 15:38 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.
Severity ?
No CVSS data available.
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SCALANCE W780 and W740 (IEEE 802.11n) family |
Affected:
All versions < V6.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE W780 and W740 (IEEE 802.11n) family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions \u003c V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T20:17:06",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-25666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE W780 and W740 (IEEE 802.11n) family",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V6.3"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions \u003c V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-25666",
"datePublished": "2021-02-09T15:38:21",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:27.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}