// For flags

CVE-2021-25669

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.

Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X201-3P IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X201-3P IRT PRO (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X202-2 IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X202-2P IRT (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X202-2P IRT PRO (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X204 IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X204 IRT PRO (Todas las versiones anteriores a la versión 5.5.1), SCALANCE X204-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X204-2FM (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X204-2LD (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X204-2LD TS (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X204-2TS (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X206-1 (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X206-1LD (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X208 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X208PRO (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X212-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X212-2LD (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X216 (Todas las versiones anteriores a la versión V5.2.5), SCALANCE X224 (Todas las versiones anteriores a la versión V5.2.5), SCALANCE XF201-3P IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE XF202-2P IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE XF204 (Todas las versiones anteriores a la versión V5.2.5), SCALANCE XF204 IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE XF204-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versión V5.2.5), SCALANCE XF204-2BA IRT (Todas las versiones anteriores a la versión 5.5.1), SCALANCE XF206-1 (Todas las versiones anteriores a la versión V5.2.5), SCALANCE XF208 (Todas las versiones anteriores a la versión V5.2.5). El procesamiento inapropiado de las peticiones POST en el servidor web puede escribir fuera de límites en la pila.&#xa0;Un atacante podría aprovechar esto para una Denegación de Servicio del dispositivo o una ejecución de código remota

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-21 CVE Reserved
  • 2021-04-22 CVE Published
  • 2024-03-28 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-121: Stack-based Buffer Overflow
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Scalance X200-4p Irt Firmware
Search vendor "Siemens" for product "Scalance X200-4p Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X200-4p Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X200-4p Irt
Search vendor "Siemens" for product "Scalance X200-4p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Firmware
Search vendor "Siemens" for product "Scalance X201-3p Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X201-3p Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X201-3p Irt
Search vendor "Siemens" for product "Scalance X201-3p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Pro Firmware
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Pro
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2 Irt Firmware
Search vendor "Siemens" for product "Scalance X202-2 Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X202-2 Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2 Irt
Search vendor "Siemens" for product "Scalance X202-2 Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Pro Firmware
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Pro
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204 Irt Firmware
Search vendor "Siemens" for product "Scalance X204 Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X204 Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204 Irt
Search vendor "Siemens" for product "Scalance X204 Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204 Irt Pro Firmware
Search vendor "Siemens" for product "Scalance X204 Irt Pro Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X204 Irt Pro Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204 Irt Pro
Search vendor "Siemens" for product "Scalance X204 Irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204-2 Firmware
Search vendor "Siemens" for product "Scalance X204-2 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X204-2 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204-2
Search vendor "Siemens" for product "Scalance X204-2"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204-2fm Firmware
Search vendor "Siemens" for product "Scalance X204-2fm Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X204-2fm Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204-2fm
Search vendor "Siemens" for product "Scalance X204-2fm"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204-2ld Firmware
Search vendor "Siemens" for product "Scalance X204-2ld Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X204-2ld Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204-2ld
Search vendor "Siemens" for product "Scalance X204-2ld"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204-2ld Ts Firmware
Search vendor "Siemens" for product "Scalance X204-2ld Ts Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X204-2ld Ts Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204-2ld Ts
Search vendor "Siemens" for product "Scalance X204-2ld Ts"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204-2ts Firmware
Search vendor "Siemens" for product "Scalance X204-2ts Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X204-2ts Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204-2ts
Search vendor "Siemens" for product "Scalance X204-2ts"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X206-1 Firmware
Search vendor "Siemens" for product "Scalance X206-1 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X206-1 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X206-1
Search vendor "Siemens" for product "Scalance X206-1"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X206-1ld Firmware
Search vendor "Siemens" for product "Scalance X206-1ld Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X206-1ld Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X206-1ld
Search vendor "Siemens" for product "Scalance X206-1ld"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X208 Firmware
Search vendor "Siemens" for product "Scalance X208 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X208 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X208
Search vendor "Siemens" for product "Scalance X208"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X208pro Firmware
Search vendor "Siemens" for product "Scalance X208pro Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X208pro Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X208pro
Search vendor "Siemens" for product "Scalance X208pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X212-2 Firmware
Search vendor "Siemens" for product "Scalance X212-2 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X212-2 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X212-2
Search vendor "Siemens" for product "Scalance X212-2"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X212-2ld Firmware
Search vendor "Siemens" for product "Scalance X212-2ld Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X212-2ld Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X212-2ld
Search vendor "Siemens" for product "Scalance X212-2ld"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X216 Firmware
Search vendor "Siemens" for product "Scalance X216 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X216 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X216
Search vendor "Siemens" for product "Scalance X216"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X224 Firmware
Search vendor "Siemens" for product "Scalance X224 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance X224 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X224
Search vendor "Siemens" for product "Scalance X224"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf201-3p Irt Firmware
Search vendor "Siemens" for product "Scalance Xf201-3p Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance Xf201-3p Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf201-3p Irt
Search vendor "Siemens" for product "Scalance Xf201-3p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf202-2p Irt Firmware
Search vendor "Siemens" for product "Scalance Xf202-2p Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance Xf202-2p Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf202-2p Irt
Search vendor "Siemens" for product "Scalance Xf202-2p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204 Firmware
Search vendor "Siemens" for product "Scalance Xf204 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance Xf204 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204
Search vendor "Siemens" for product "Scalance Xf204"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204 Irt Firmware
Search vendor "Siemens" for product "Scalance Xf204 Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance Xf204 Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204 Irt
Search vendor "Siemens" for product "Scalance Xf204 Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204-2 Firmware
Search vendor "Siemens" for product "Scalance Xf204-2 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance Xf204-2 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204-2
Search vendor "Siemens" for product "Scalance Xf204-2"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204-2ba Irt Firmware
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204-2ba Irt
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf206-1 Firmware
Search vendor "Siemens" for product "Scalance Xf206-1 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance Xf206-1 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf206-1
Search vendor "Siemens" for product "Scalance Xf206-1"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf208 Firmware
Search vendor "Siemens" for product "Scalance Xf208 Firmware"
< 5.2.5
Search vendor "Siemens" for product "Scalance Xf208 Firmware" and version " < 5.2.5"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf208
Search vendor "Siemens" for product "Scalance Xf208"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Firmware
Search vendor "Siemens" for product "Scalance X202-2p Irt Firmware"
< 5.5.1
Search vendor "Siemens" for product "Scalance X202-2p Irt Firmware" and version " < 5.5.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2p Irt
Search vendor "Siemens" for product "Scalance X202-2p Irt"
--
Safe