CVE-2021-25668
First published: Thu Apr 22 2021(Updated: )
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Scalance X-200IRT | <5.5.1 | |
| Siemens SCALANCE X200-4PIRT | ||
| Siemens SCALANCE X201-3P IRT | <5.5.1 | |
| Siemens SCALANCE X201-3P IRT PRO | ||
| Siemens SCALANCE X201-3P IRT PRO | <5.5.1 | |
| Siemens Scalance X201-3P IRT Pro Firmware | ||
| Siemens SCALANCE X202-2IRT firmware | <5.5.1 | |
| Siemens SCALANCE X202-2IRT | ||
| Siemens SCALANCE X202-2P IRT PRO | <5.5.1 | |
| Siemens Scalance X202-2P IRT PRO Firmware | ||
| Siemens SCALANCE X204IRT Firmware | <5.5.1 | |
| Siemens SCALANCE X204IRT | ||
| Siemens Scalance X204IRT PRO Firmware | <5.5.1 | |
| Siemens SCALANCE X204IRT PRO | ||
| Siemens Scalance X204-2 | <5.2.5 | |
| Siemens Scalance X204-2 | ||
| Siemens Scalance X204-2FM Firmware | <5.2.5 | |
| Siemens SCALANCE X204-2FM | ||
| Siemens Scalance X204-2LD TS | <5.2.5 | |
| Siemens Scalance X204-2 Firmware | ||
| Siemens Scalance X204-2LD TS | <5.2.5 | |
| Siemens SCALANCE X204-2LD TS | ||
| Siemens Scalance X204-2TS | <5.2.5 | |
| Siemens SCALANCE X204-2TS | ||
| Siemens Scalance X206-1LD | <5.2.5 | |
| Siemens Scalance X206-1 Firmware | ||
| Siemens Scalance X206-1LD | <5.2.5 | |
| Siemens SCALANCE X206-1LD | ||
| Siemens Scalance X208 Pro Firmware | <5.2.5 | |
| Siemens Scalance X208 | ||
| Siemens Scalance X208 Pro Firmware | <5.2.5 | |
| Siemens Scalance X208 Pro Firmware | ||
| Siemens Scalance X212-2LD | <5.2.5 | |
| Siemens SCALANCE X212-2LD | ||
| Siemens Scalance X212-2LD Firmware | <5.2.5 | |
| Siemens Scalance X212-2LD Firmware | ||
| Siemens Scalance X216 Firmware | <5.2.5 | |
| Siemens SCALANCE X-200 Firmware | ||
| Siemens Scalance X224 Firmware | <5.2.5 | |
| Siemens Scalance X224 Firmware | ||
| Siemens Scalance XF201-3P IRT | <5.5.1 | |
| Siemens SCALANCE XF201-3P IRT | ||
| Siemens Scalance XF202-2P IRT | <5.5.1 | |
| Siemens SCALANCE XF202-2P IRT | ||
| Siemens Scalance XF204 Firmware | <5.2.5 | |
| Siemens Scalance XF204-2 Firmware | ||
| Siemens SCALANCE XF204IRT firmware | <5.5.1 | |
| Siemens SCALANCE XF204IRT (6GK5204-0BA00-2BF2) | ||
| Siemens Scalance XF204-2 Firmware | <5.2.5 | |
| Siemens SCALANCE XF204-2 | ||
| Siemens SCALANCE XF204-2BA IRT Firmware | <5.5.1 | |
| Siemens Scalance XF204-2BA IRT | ||
| Siemens Scalance XF206-1 | <5.2.5 | |
| Siemens SCALANCE XF206-1 | ||
| Siemens Scalance XF208 | <5.2.5 | |
| Siemens Scalance XF208 | ||
| Siemens SIPLUS NET SCALANCE X202-2P IRT | <5.5.1 | |
| Siemens SCALANCE X202-2P IRT firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-25668?
CVE-2021-25668 has been classified with a moderate severity level, highlighting its potential risk.
How do I fix CVE-2021-25668?
To remediate CVE-2021-25668, upgrade the affected SCALANCE devices to version 5.5.1 or later.
What devices are affected by CVE-2021-25668?
CVE-2021-25668 affects various models of SCALANCE X200, X201, X202, X204, and XF series devices with firmware versions below 5.5.1.
Is CVE-2021-25668 exploitable remotely?
Yes, CVE-2021-25668 can potentially be exploited remotely, allowing unauthorized access to affected devices.
What are the potential impacts of CVE-2021-25668?
Exploitation of CVE-2021-25668 could lead to unauthorized access, data leakage, or manipulation of the firmware configuration.
- agent/weakness
- agent/type
- agent/author
- agent/remedy
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens scalance x-200irt
- canonical/siemens scalance x200-4pirt
- canonical/siemens scalance x201-3p irt
- canonical/siemens scalance x201-3p irt pro
- canonical/siemens scalance x201-3p irt pro firmware
- canonical/siemens scalance x202-2irt firmware
- canonical/siemens scalance x202-2irt
- canonical/siemens scalance x202-2p irt pro
- canonical/siemens scalance x202-2p irt pro firmware
- canonical/siemens scalance x204irt firmware
- canonical/siemens scalance x204irt
- canonical/siemens scalance x204irt pro firmware
- canonical/siemens scalance x204irt pro
- canonical/siemens scalance x204-2
- canonical/siemens scalance x204-2fm firmware
- canonical/siemens scalance x204-2fm
- canonical/siemens scalance x204-2ld ts
- canonical/siemens scalance x204-2 firmware
- canonical/siemens scalance x204-2ts
- canonical/siemens scalance x206-1ld
- canonical/siemens scalance x206-1 firmware
- canonical/siemens scalance x208 pro firmware
- canonical/siemens scalance x208
- canonical/siemens scalance x212-2ld
- canonical/siemens scalance x212-2ld firmware
- canonical/siemens scalance x216 firmware
- canonical/siemens scalance x-200 firmware
- canonical/siemens scalance x224 firmware
- canonical/siemens scalance xf201-3p irt
- canonical/siemens scalance xf202-2p irt
- canonical/siemens scalance xf204 firmware
- canonical/siemens scalance xf204-2 firmware
- canonical/siemens scalance xf204irt firmware
- canonical/siemens scalance xf204irt (6gk5204-0ba00-2bf2)
- canonical/siemens scalance xf204-2
- canonical/siemens scalance xf204-2ba irt firmware
- canonical/siemens scalance xf204-2ba irt
- canonical/siemens scalance xf206-1
- canonical/siemens scalance xf208
- canonical/siemens siplus net scalance x202-2p irt
- canonical/siemens scalance x202-2p irt firmware