CVE-2021-25671 - OpenCVE

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:A/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Rwg1.m12 Rwg1.m12 Firmware Rwg1.m12d Rwg1.m12d Firmware Rwg1.m8 Rwg1.m8 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:rwg1.m12_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:rwg1.m12:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:rwg1.m12d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:rwg1.m12d:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:rwg1.m8_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:rwg1.m8:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-07-13T11:02:54

Updated: 2024-08-03T20:11:28.082Z

Reserved: 2021-01-21T00:00:00

Link: CVE-2021-25671

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-07-13T11:15:09.370

Modified: 2021-08-04T20:10:56.787

Link: CVE-2021-25671

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "RWG1.M12", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V1.16.16"}]}, {"product": "RWG1.M12D", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V1.16.16"}]}, {"product": "RWG1.M8", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V1.16.16"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-13T11:02:54", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-25671", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "RWG1.M12", "version": {"version_data": [{"version_value": "All versions < V1.16.16"}]}}, {"product_name": "RWG1.M12D", "version": {"version_data": [{"version_value": "All versions < V1.16.16"}]}}, {"product_name": "RWG1.M8", "version": {"version_data": [{"version_value": "All versions < V1.16.16"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:28.082Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-25671", "datePublished": "2021-07-13T11:02:54", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-08-03T20:11:28.082Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:rwg1.m12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA9F44E3-B373-484D-AA90-B1B6DEF10D60", "versionEndExcluding": "1.16.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:rwg1.m12:-:*:*:*:*:*:*:*", "matchCriteriaId": "85DABF7F-79E4-4DDA-AB8E-7BA5556868EB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:rwg1.m12d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2187D88-2FDB-423A-8DC3-F9D3A862458B", "versionEndExcluding": "1.16.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:rwg1.m12d:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA59A914-1E04-4465-ADB5-AC20583C4360", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:rwg1.m8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC82DD96-236B-4140-A682-2A2D24918F30", "versionEndExcluding": "1.16.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:rwg1.m8:-:*:*:*:*:*:*:*", "matchCriteriaId": "F23D72C3-DFDA-412D-8C7C-61AB6580C1A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en RWG1.M12 (Todas las versiones anteriores a V1.16.16), RWG1.M12D (Todas las versiones anteriores a V1.16.16), RWG1.M8 (Todas las versiones anteriores a V1.16.16). El env\u00edo de paquetes ARP especialmente dise\u00f1ados hacia un dispositivo afectado podr\u00eda causar una denegaci\u00f3n de servicio parcial, previniendo que el dispositivo opere normalmente. Es necesario reiniciar el dispositivo para restablecer el funcionamiento normal"}], "id": "CVE-2021-25671", "lastModified": "2021-08-04T20:10:56.787", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-13T11:15:09.370", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "productcert@siemens.com", "type": "Primary"}]}