CVE-2021-25676

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.

Affected Software

VendorProductVersion RangeStatus
SiemensRUGGEDCOM RM1224V6.3affected
SiemensSCALANCE M-800V6.3affected
SiemensSCALANCE S615V6.3affected
SiemensSCALANCE SC-600All Versions >= V2.1 and < V2.1.3affected

Weaknesses

  • CWE-307: CWE-307: Improper Restriction of Excessive Authentication Attempts

ADP Enrichment

CVE Program Container

Additional References

References