{"containers": {"cna": {"affected": [{"product": "SCALANCE X200-4P IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X201-3P IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X201-3P IRT PRO", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X202-2 IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X202-2P IRT PRO", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X204 IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X204 IRT PRO", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE X204-2 (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X204-2FM", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X204-2LD (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X204-2LD TS", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X204-2TS", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X206-1", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X206-1LD", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X208 (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X208PRO", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X212-2 (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X212-2LD", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X216", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE X224", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE XF201-3P IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE XF202-2P IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE XF204", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE XF204 IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE XF204-2 (incl. SIPLUS NET variant)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE XF204-2BA IRT", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < 5.5.1"}]}, {"product": "SCALANCE XF206-1", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}, {"product": "SCALANCE XF208", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.5"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-14T10:47:24", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-25669", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SCALANCE X200-4P IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X201-3P IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X201-3P IRT PRO", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X202-2 IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X202-2P IRT (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X202-2P IRT PRO", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X204 IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X204 IRT PRO", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE X204-2 (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X204-2FM", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X204-2LD (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X204-2LD TS", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X204-2TS", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X206-1", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X206-1LD", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X208 (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X208PRO", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X212-2 (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X212-2LD", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X216", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE X224", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE XF201-3P IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE XF202-2P IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE XF204", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE XF204 IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE XF204-2 (incl. SIPLUS NET variant)", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE XF204-2BA IRT", "version": {"version_data": [{"version_value": "All versions < 5.5.1"}]}}, {"product_name": "SCALANCE XF206-1", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}, {"product_name": "SCALANCE XF208", "version": {"version_data": [{"version_value": "All versions < V5.2.5"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-121: Stack-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:27.908Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-25669", "datePublished": "2021-04-22T20:42:20", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-08-03T20:11:27.908Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADFA817F-7237-458A-8BCB-95551360E22A", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B9CBC72-92D9-4B3A-884F-33124C457016", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47627D33-BE10-42EC-AD9A-7E3FE4ECF6E2", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "3268CF75-6DAB-416A-B19B-2A8F95C268CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9328F7AC-5842-4525-9B30-7C8617063941", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "20883AFA-C61C-40DC-A343-3CDEA9B1B0AC", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "577D1E21-717C-4508-AE91-0BC490C89F85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA284180-566E-45D5-B3B6-4617B89FF4B6", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4726901-34BF-4F70-80A6-71648A4A29FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A15A02F-7C41-4495-AD4E-11201FE5771F", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BC31F0E-389B-4925-88DE-726F2F0D2A23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "40FCE8E4-B527-4B2D-AC98-C6649EAB4EC0", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FF096BA-A6F4-46B3-9B9B-7FCEE7E6A6C3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACE1A821-8F0A-4B96-AC8A-B219215014B1", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E38CE5A4-3EB1-4E93-BEB7-520E08DA6720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "54201E08-15E3-4C93-9A0D-DC376B7C8D88", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "75220631-DD7D-4E86-8405-F98340FFE27C", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BE27611-53E7-4162-8630-5BC334B02E37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3032A499-DFD5-4FEA-8AC6-E661781387AB", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A493C49A-8BF9-43E5-98D5-55E5390A36A5", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2C9747F-BEC3-486E-B553-3339F8B54C3A", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C8D68AC-8F30-4919-ADB3-A6018458602B", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DFF7FB7-774B-45ED-8400-951230DF0511", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BC1450A-92ED-451F-9890-4E18CA974485", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3B574E2-F7BA-496B-887C-D25F386AA5E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "768320F0-10F5-4B36-AEB6-9DEEA43A30E8", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C60CF-4089-4993-A2CB-B7FBDAF81D62", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "31B8367C-5EAC-49F4-83B8-C7E3BD373092", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55F50ABF-3E9A-4435-BAA4-7D11A2047D46", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", "matchCriteriaId": "C08CDEE3-43EB-475E-8571-6E12824714FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC643617-D0B7-4379-8ADB-2C2BACA4B165", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0189DF6-DA80-49FE-B09F-0C07D892518E", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2203895-BC4E-4B2F-9110-C2CD88A121F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A73DE9A4-A86D-44BB-828F-F358D0E8102C", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "41614C70-97B4-44C8-A441-530A413A26F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA653B06-6B43-422B-9E51-4B29438841B4", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "6751FB7D-C72C-4321-B535-5880FE696FC3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CD13707-1164-415E-9083-7946D151F1FC", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F1AE867-67B4-4871-BF56-88017533A737", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FB90745-6B95-43A9-8211-DE32D1000827", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "25DDF1EB-80E7-491F-A197-1B220E35CDF1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A09FF2D-F369-47B5-AEE4-A862BEDD9851", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "69285324-4C0B-4BDC-B60D-F653679DD52D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D634EE1A-2EB5-46FF-9E38-12DA3CDD3136", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFCDC84E-0695-409A-844B-D24024CC33F2", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B40D2EB-5C69-47FA-801B-DC48407D418C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1DB6C03-71BF-4359-834B-384E78910E64", "versionEndExcluding": "5.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", "matchCriteriaId": "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2560F9B6-D121-4B82-A96F-81A0A4869616", "versionEndExcluding": "5.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEB62730-E759-455A-A308-F9DB084B35B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X201-3P IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X201-3P IRT PRO (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X202-2 IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X202-2P IRT (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X202-2P IRT PRO (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X204 IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X204 IRT PRO (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE X204-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X204-2FM (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X204-2LD (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X204-2LD TS (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X204-2TS (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X206-1 (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X206-1LD (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X208 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X208PRO (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X212-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X212-2LD (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X216 (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE X224 (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE XF201-3P IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE XF202-2P IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE XF204 (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE XF204 IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE XF204-2 (Incluyendo las variantes SIPLUS NET) (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE XF204-2BA IRT (Todas las versiones anteriores a la versi\u00f3n 5.5.1), SCALANCE XF206-1 (Todas las versiones anteriores a la versi\u00f3n V5.2.5), SCALANCE XF208 (Todas las versiones anteriores a la versi\u00f3n V5.2.5). El procesamiento inapropiado de las peticiones POST en el servidor web puede escribir fuera de l\u00edmites en la pila.&#xa0;Un atacante podr\u00eda aprovechar esto para una Denegaci\u00f3n de Servicio del dispositivo o una ejecuci\u00f3n de c\u00f3digo remota"}], "id": "CVE-2021-25669", "lastModified": "2024-11-21T05:55:15.703", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-22T21:15:10.143", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}

{}