Vulnerability Description
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Ruggedcom Rm1224 Firmware | 6.3 |
| Siemens | Ruggedcom Rm1224 | - |
| Siemens | Scalance M-800 Firmware | 6.3 |
| Siemens | Scalance M-800 | - |
| Siemens | Scalance S615 Firmware | 6.3 |
| Siemens | Scalance S615 | - |
| Siemens | Scalance Sc-600 Firmware | >= 2.1, < 2.1.3 |
| Siemens | Scalance Sc-600 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdfVendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02Third Party AdvisoryUS Government Resource
- https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdfVendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-25676?
CVE-2021-25676 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication att...
How severe is CVE-2021-25676?
CVE-2021-25676 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-25676?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Ruggedcom Rm1224 Firmware, Siemens Ruggedcom Rm1224, Siemens Scalance M-800 Firmware, Siemens Scalance M-800, Siemens Scalance S615 Firmware.