Vulnerability identifier: #VU51378
Vulnerability risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
RUGGEDCOM RM1224
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE SC-600
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE X300WG
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE XR-500
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE XM-400
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE Xx200
Hardware solutions /
Routers & switches, VoIP, GSM, etc
SCALANCE M-800 / S615
Hardware solutions /
Firmware
Vendor: Siemens
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the handling of Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames. A remote attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
RUGGEDCOM RM1224: 4.3
SCALANCE M-800 / S615: 4.3
External links
http://ics-cert.us-cert.gov/advisories/icsa-21-068-03
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.