Details of VAR-202206-1063

ID

VAR-202206-1063

CVE

CVE-2021-37182

TITLE

Vulnerability related to insufficient data integrity verification in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2021-019921

DESCRIPTION

A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device. SCALANCE XM-408-4C firmware, scalance xm408-4c l3 firmware, SCALANCE XM-408-8C Multiple Siemens products such as firmware contain vulnerabilities related to insufficient data integrity verification.Service operation interruption (DoS) It may be in a state. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs)

Trust: 2.25

sources: NVD: CVE-2021-37182 // JVNDB: JVNDB-2021-019921 // CNVD: CNVD-2022-45235 // VULMON: CVE-2021-37182

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-45235

AFFECTED PRODUCTS

vendor:	siemens	model:	scalance xr552-12m	scope:	lt	version:	6.5	Trust: 3.4
vendor:	siemens	model:	scalance xr528-6m	scope:	lt	version:	6.5	Trust: 3.4
vendor:	siemens	model:	scalance xm416-4c	scope:	lt	version:	6.5	Trust: 2.2
vendor:	siemens	model:	scalance xm408-8c	scope:	lt	version:	6.5	Trust: 2.2
vendor:	siemens	model:	scalance xm408-4c	scope:	lt	version:	6.5	Trust: 2.2
vendor:	siemens	model:	scalance xr526-8c,2x230v	scope:	lt	version:	6.5	Trust: 1.2
vendor:	siemens	model:	scalance xr526-8c,1x230v	scope:	lt	version:	6.5	Trust: 1.2
vendor:	siemens	model:	scalance xr524-8c,2x230v	scope:	lt	version:	6.5	Trust: 1.2
vendor:	siemens	model:	scalance xr524-8c,1x230v	scope:	lt	version:	6.5	Trust: 1.2
vendor:	siemens	model:	scalance xr552-12m 2hr2	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xm408-8c l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr528-6m 2hr2	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xm416-4c l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr526-8c	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr524-8c	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr552-12m 2hr2 l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr528-6m 2hr2 l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr528-6m l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr524-8c l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xm408-4c l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	siemens	model:	scalance xr526-8c l3	scope:	lt	version:	6.5	Trust: 1.0
vendor:	シーメンス	model:	scalance xr524-8c	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm-408-8c	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xr526-8c l3	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm-426-4c	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm-416-4c 13	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm-408-4c	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xr524-8c l3	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm408-4c l3	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xr526-8c	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	scalance xm-408-8c 13	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	scalance xr526-8c	scope:	eq	version:	24v<6.5	Trust: 0.6
vendor:	siemens	model:	scalance xr526-8c,24v	scope:	lt	version:	6.5	Trust: 0.6
vendor:	siemens	model:	scalance xr524-8c	scope:	eq	version:	24v<6.5	Trust: 0.6
vendor:	siemens	model:	scalance xr524-8c,24v	scope:	lt	version:	6.5	Trust: 0.6

sources: CNVD: CNVD-2022-45235 // JVNDB: JVNDB-2021-019921 // NVD: CVE-2021-37182

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2021-37182
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2022-45235
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202206-1281
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-37182
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2021-37182
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
CNVD:	CNVD-2022-45235
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

NVD:
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-37182
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-45235 // VULMON: CVE-2021-37182 // JVNDB: JVNDB-2021-019921 // CNNVD: CNNVD-202206-1281 // NVD: CVE-2021-37182

PROBLEMTYPE DATA

problemtype:	CWE-354	Trust: 1.0
problemtype:	Incomplete data integrity verification (CWE-354) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-019921 // NVD: CVE-2021-37182

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-1281

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202206-1281

CONFIGURATIONS

sources: NVD: CVE-2021-37182

PATCH

title:

Siemens SCALANCE Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=198105

Trust: 0.6

sources: CNNVD: CNNVD-202206-1281

EXTERNAL IDS

db:	NVD	id:	CVE-2021-37182	Trust: 3.9
db:	SIEMENS	id:	SSA-145224	Trust: 3.1
db:	ICS CERT	id:	ICSA-22-167-10	Trust: 1.5
db:	JVN	id:	JVNVU99030761	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-019921	Trust: 0.8
db:	CNVD	id:	CNVD-2022-45235	Trust: 0.6
db:	CNNVD	id:	CNNVD-202206-1281	Trust: 0.6
db:	VULMON	id:	CVE-2021-37182	Trust: 0.1

sources: CNVD: CNVD-2022-45235 // VULMON: CVE-2021-37182 // JVNDB: JVNDB-2021-019921 // CNNVD: CNNVD-202206-1281 // NVD: CVE-2021-37182

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99030761/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37182	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-167-10	Trust: 0.8
url:	https://cert-portal.siemens.com/productcert/html/ssa-145224.html	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2021-37182/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-167-10	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/354.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-10	Trust: 0.1

sources: CNVD: CNVD-2022-45235 // VULMON: CVE-2021-37182 // JVNDB: JVNDB-2021-019921 // CNNVD: CNNVD-202206-1281 // NVD: CVE-2021-37182

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202206-1281

SOURCES

db:	CNVD	id:	CNVD-2022-45235
db:	VULMON	id:	CVE-2021-37182
db:	JVNDB	id:	JVNDB-2021-019921
db:	CNNVD	id:	CNNVD-202206-1281
db:	NVD	id:	CVE-2021-37182

LAST UPDATE DATE

2024-02-13T01:09:15.285000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-45235	date:	2022-06-15T00:00:00
db:	VULMON	id:	CVE-2021-37182	date:	2022-06-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-019921	date:	2023-08-25T08:15:00
db:	CNNVD	id:	CNNVD-202206-1281	date:	2022-06-30T00:00:00
db:	NVD	id:	CVE-2021-37182	date:	2022-06-27T17:40:10.977

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-45235	date:	2022-06-15T00:00:00
db:	VULMON	id:	CVE-2021-37182	date:	2022-06-14T00:00:00
db:	JVNDB	id:	JVNDB-2021-019921	date:	2023-08-25T00:00:00
db:	CNNVD	id:	CNNVD-202206-1281	date:	2022-06-14T00:00:00
db:	NVD	id:	CVE-2021-37182	date:	2022-06-14T10:15:17.747