Description
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.
Published: 2021-04-22
Score: 9.8 Critical
EPSS: 1.7% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-12561 A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.
History

No history.

Subscriptions

Siemens Scalance X200-4p Irt Scalance X200-4p Irt Firmware Scalance X201-3p Irt Scalance X201-3p Irt Firmware Scalance X201-3p Irt Pro Scalance X201-3p Irt Pro Firmware Scalance X202-2 Irt Scalance X202-2 Irt Firmware Scalance X202-2p Irt Scalance X202-2p Irt Firmware Scalance X202-2p Irt Pro Scalance X202-2p Irt Pro Firmware Scalance X204-2 Scalance X204-2 Firmware Scalance X204-2fm Scalance X204-2fm Firmware Scalance X204-2ld Scalance X204-2ld Firmware Scalance X204-2ld Ts Scalance X204-2ld Ts Firmware Scalance X204-2ts Scalance X204-2ts Firmware Scalance X204 Irt Scalance X204 Irt Firmware Scalance X204 Irt Pro Scalance X204 Irt Pro Firmware Scalance X206-1 Scalance X206-1 Firmware Scalance X206-1ld Scalance X206-1ld Firmware Scalance X208 Scalance X208 Firmware Scalance X208pro Scalance X208pro Firmware Scalance X212-2 Scalance X212-2 Firmware Scalance X212-2ld Scalance X212-2ld Firmware Scalance X216 Scalance X216 Firmware Scalance X224 Scalance X224 Firmware Scalance Xf201-3p Irt Scalance Xf201-3p Irt Firmware Scalance Xf202-2p Irt Scalance Xf202-2p Irt Firmware Scalance Xf204 Scalance Xf204-2 Scalance Xf204-2 Firmware Scalance Xf204-2ba Irt Scalance Xf204-2ba Irt Firmware Scalance Xf204 Firmware Scalance Xf204 Irt Scalance Xf204 Irt Firmware Scalance Xf206-1 Scalance Xf206-1 Firmware Scalance Xf208 Scalance Xf208 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2024-08-03T20:11:27.908Z

Reserved: 2021-01-21T00:00:00.000Z

Link: CVE-2021-25669

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-22T21:15:10.143

Modified: 2024-11-21T05:55:15.703

Link: CVE-2021-25669

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses