Vulnerability Monitor

CVE-2021-37182


A vulnerability has been identified in the following products:

  • SCALANCE XM408-4C (All versions < V6.5)
  • SCALANCE XM408-4C (L3 int.) (All versions < V6.5)
  • SCALANCE XM408-8C (All versions < V6.5)
  • SCALANCE XM408-8C (L3 int.) (All versions < V6.5)
  • SCALANCE XM416-4C (All versions < V6.5)
  • SCALANCE XM416-4C (L3 int.) (All versions < V6.5)
  • SCALANCE XR524-8C, 1x230V (All versions < V6.5)
  • SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5)
  • SCALANCE XR524-8C, 24V (All versions < V6.5)
  • SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5)
  • SCALANCE XR524-8C, 2x230V (All versions < V6.5)
  • SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5)
  • SCALANCE XR526-8C, 1x230V (All versions < V6.5)
  • SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5)
  • SCALANCE XR526-8C, 24V (All versions < V6.5)
  • SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5)
  • SCALANCE XR526-8C, 2x230V (All versions < V6.5)
  • SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5)
  • SCALANCE XR528-6M (All versions < V6.5)
  • SCALANCE XR528-6M (2HR2) (All versions < V6.5)
  • SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5)
  • SCALANCE XR528-6M (L3 int.) (All versions < V6.5)
  • SCALANCE XR552-12M (All versions < V6.5)
  • SCALANCE XR552-12M (2HR2) (All versions < V6.5)
  • SCALANCE XR552-12M (2HR2) (All versions < V6.5)
  • SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5)

The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device.


Published

2022-06-14T10:15:17.747

Last Modified

2024-11-21T06:14:48.583

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses
  • Type: Secondary
    CWE-354
  • Type: Primary
    CWE-354

Affected Vendors & Products
Type | Vendor | Product | Version/Range | Vulnerable?
Operating System | siemens | scalance_xm408-4c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm408-4c | - | No
Operating System | siemens | scalance_xm408-4c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm408-4c_l3 | - | No
Operating System | siemens | scalance_xm408-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm408-8c | - | No
Operating System | siemens | scalance_xm408-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm408-8c_l3 | - | No
Operating System | siemens | scalance_xm416-4c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm416-4c | - | No
Operating System | siemens | scalance_xm416-4c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xm416-4c_l3 | - | No
Operating System | siemens | scalance_xr524-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c | - | No
Operating System | siemens | scalance_xr524-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c | - | No
Operating System | siemens | scalance_xr524-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c | - | No
Operating System | siemens | scalance_xr524-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c | - | No
Operating System | siemens | scalance_xr524-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c_l3 | - | No
Operating System | siemens | scalance_xr524-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c_l3 | - | No
Operating System | siemens | scalance_xr524-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c_l3 | - | No
Operating System | siemens | scalance_xr524-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr524-8c_l3 | - | No
Operating System | siemens | scalance_xr526-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c | - | No
Operating System | siemens | scalance_xr526-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c | - | No
Operating System | siemens | scalance_xr526-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c | - | No
Operating System | siemens | scalance_xr526-8c_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c | - | No
Operating System | siemens | scalance_xr526-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c_l3 | - | No
Operating System | siemens | scalance_xr526-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c_l3 | - | No
Operating System | siemens | scalance_xr526-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c_l3 | - | No
Operating System | siemens | scalance_xr526-8c_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr526-8c_l3 | - | No
Operating System | siemens | scalance_xr528-6m_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr528-6m | - | No
Operating System | siemens | scalance_xr528-6m_2hr2_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr528-6m_2hr2 | - | No
Operating System | siemens | scalance_xr528-6m_2hr2_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr528-6m_2hr2_l3 | - | No
Operating System | siemens | scalance_xr528-6m_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr528-6m_l3 | - | No
Operating System | siemens | scalance_xr552-12m_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr552-12m | - | No
Operating System | siemens | scalance_xr552-12m_2hr2_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr552-12m_2hr2 | - | No
Operating System | siemens | scalance_xr552-12m_2hr2_l3_firmware | < 6.5 | Yes
Hardware | siemens | scalance_xr552-12m_2hr2_l3 | - | No

References