Denial of service in Siemens RUGGEDCOM ROX products

1) Input validation error

EUVDB-ID: #VU53609

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-25217

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack or gain access to sensitive information.

The vulnerability exists due to insufficient validation of options data stored in DHCP leases. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack or gain access to sensitive information.

Both dhcpd and dhclient are affected by the vulnerability.

Mitigation

Install update from vendor's website.

Vulnerable software versions

RUGGEDCOM ROX RX5000: 2.3.0

RUGGEDCOM ROX RX1512: 2.3.0

RUGGEDCOM ROX RX1511: 2.3.0

RUGGEDCOM ROX RX1510: 2.3.0

RUGGEDCOM ROX RX1501: 2.3.0

RUGGEDCOM ROX RX1500: 2.3.0

RUGGEDCOM ROX MX5000: 2.3.0

RUGGEDCOM ROX RX1536: before 2.15.0

RUGGEDCOM ROX RX1524: before 2.15.0

RUGGEDCOM ROX RX1400: before 2.15.0

External links

http://cert-portal.siemens.com/productcert/txt/ssa-406691.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.