CVE-2021-37182
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device.
Se ha identificado una vulnerabilidad en SCALANCE XM408-4C (Todas las versiones anteriores a V6.5), SCALANCE XM408-4C (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XM408-8C (Todas las versiones anteriores a V6. 5), SCALANCE XM408-8C (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XM416-4C (Todas las versiones anteriores a V6.5), SCALANCE XM416-4C (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR524-8C, 1x230V (Todas las versiones anteriores a V6. 5), SCALANCE XR524-8C, 1x230V (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR524-8C, 24V (Todas las versiones anteriores a V6.5), SCALANCE XR524-8C, 24V (L3 int.) (Todas las versiones anteriores a V6. 5), SCALANCE XR524-8C, 2x230V (Todas las versiones anteriores a V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR526-8C, 1x230V (Todas las versiones anteriores a V6. 5), SCALANCE XR526-8C, 1x230V (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR526-8C, 24V (Todas las versiones anteriores a V6.5), SCALANCE XR526-8C, 24V (L3 int.) (Todas las versiones anteriores a V6. 5), SCALANCE XR526-8C, 2x230V (Todas las versiones anteriores a V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR528-6M (Todas las versiones anteriores a V6. 5), SCALANCE XR528-6M (2HR2) (Todas las versiones anteriores a V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR528-6M (L3 int.) (Todas las versiones anteriores a V6.5), SCALANCE XR552-12M (Todas las versiones anteriores a V6. 5), SCALANCE XR552-12M (2HR2) (Todas las versiones anteriores a V6.5), SCALANCE XR552-12M (2HR2) (Todas las versiones anteriores a V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (Todas las versiones anteriores a V6.5). Una implementación del protocolo OSPF en los dispositivos afectados no verifica los campos de suma de comprobación y longitud en los mensajes de actualización OSPF LS. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para causar interrupciones en la red mediante el envío de paquetes OSPF especialmente diseñados. Una explotación con éxito requiere que OSPF esté habilitado en un dispositivo afectado
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-07-21 CVE Reserved
- 2022-06-14 CVE Published
- 2024-01-05 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-354: Improper Validation of Integrity Check Value
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf | 2022-06-27 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Scalance Xm408-4c Firmware Search vendor "Siemens" for product "Scalance Xm408-4c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm408-4c Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm408-4c Search vendor "Siemens" for product "Scalance Xm408-4c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm408-4c L3 Firmware Search vendor "Siemens" for product "Scalance Xm408-4c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm408-4c L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm408-4c L3 Search vendor "Siemens" for product "Scalance Xm408-4c L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm408-8c Firmware Search vendor "Siemens" for product "Scalance Xm408-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm408-8c Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm408-8c Search vendor "Siemens" for product "Scalance Xm408-8c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm408-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xm408-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm408-8c L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm408-8c L3 Search vendor "Siemens" for product "Scalance Xm408-8c L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm416-4c Firmware Search vendor "Siemens" for product "Scalance Xm416-4c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm416-4c Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm416-4c Search vendor "Siemens" for product "Scalance Xm416-4c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm416-4c L3 Firmware Search vendor "Siemens" for product "Scalance Xm416-4c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xm416-4c L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm416-4c L3 Search vendor "Siemens" for product "Scalance Xm416-4c L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c Firmware Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c Search vendor "Siemens" for product "Scalance Xr524-8c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c Firmware Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" and version " < 6.5" | 1x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c Search vendor "Siemens" for product "Scalance Xr524-8c" | - | 1x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c Firmware Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" and version " < 6.5" | 24v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c Search vendor "Siemens" for product "Scalance Xr524-8c" | - | 24v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c Firmware Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c Firmware" and version " < 6.5" | 2x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c Search vendor "Siemens" for product "Scalance Xr524-8c" | - | 2x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Search vendor "Siemens" for product "Scalance Xr524-8c L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" and version " < 6.5" | 1x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Search vendor "Siemens" for product "Scalance Xr524-8c L3" | - | 1x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" and version " < 6.5" | 24v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Search vendor "Siemens" for product "Scalance Xr524-8c L3" | - | 24v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr524-8c L3 Firmware" and version " < 6.5" | 2x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524-8c L3 Search vendor "Siemens" for product "Scalance Xr524-8c L3" | - | 2x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c Firmware Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c Search vendor "Siemens" for product "Scalance Xr526-8c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c Firmware Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" and version " < 6.5" | 1x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c Search vendor "Siemens" for product "Scalance Xr526-8c" | - | 1x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c Firmware Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" and version " < 6.5" | 24v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c Search vendor "Siemens" for product "Scalance Xr526-8c" | - | 24v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c Firmware Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c Firmware" and version " < 6.5" | 2x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c Search vendor "Siemens" for product "Scalance Xr526-8c" | - | 2x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Search vendor "Siemens" for product "Scalance Xr526-8c L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" and version " < 6.5" | 1x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Search vendor "Siemens" for product "Scalance Xr526-8c L3" | - | 1x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" and version " < 6.5" | 24v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Search vendor "Siemens" for product "Scalance Xr526-8c L3" | - | 24v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Firmware Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr526-8c L3 Firmware" and version " < 6.5" | 2x230v |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526-8c L3 Search vendor "Siemens" for product "Scalance Xr526-8c L3" | - | 2x230v |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr528-6m Firmware Search vendor "Siemens" for product "Scalance Xr528-6m Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr528-6m Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr528-6m Search vendor "Siemens" for product "Scalance Xr528-6m" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr528-6m 2hr2 Firmware Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr528-6m 2hr2 Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr528-6m 2hr2 L3 Firmware Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2 L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2 L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr528-6m 2hr2 L3 Search vendor "Siemens" for product "Scalance Xr528-6m 2hr2 L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr528-6m L3 Firmware Search vendor "Siemens" for product "Scalance Xr528-6m L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr528-6m L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr528-6m L3 Search vendor "Siemens" for product "Scalance Xr528-6m L3" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr552-12m Firmware Search vendor "Siemens" for product "Scalance Xr552-12m Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr552-12m Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr552-12m Search vendor "Siemens" for product "Scalance Xr552-12m" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr552-12m 2hr2 Firmware Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr552-12m 2hr2 Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr552-12m 2hr2 L3 Firmware Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2 L3 Firmware" | < 6.5 Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2 L3 Firmware" and version " < 6.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr552-12m 2hr2 L3 Search vendor "Siemens" for product "Scalance Xr552-12m 2hr2 L3" | - | - |
Safe
|