Cyber Resilience

CVE-2021-25667

HighUpdated

Published: 15 March 2021

Published
15 March 2021
Modified
02 June 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0031 54.2th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-25667 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Siemens Scalance Sc622-2C Firmware. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 45.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0…

more

and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

siemens
ruggedcom rm1224 firmware
4.3 — 6.4
siemens
scalance m-800 firmware
4.3 — 6.4
siemens
scalance s615 firmware
4.3 — 6.4
siemens
scalance x300wg firmware
≤ 4.1
siemens
scalance xm400 firmware
≤ 6.2
siemens
scalance xr500 firmware
≤ 6.2
siemens
scalance sc622-2c firmware
≤ 2.0 · 2.1 — 2.1.3
siemens
scalance sc632-2c firmware
≤ 2.0 · 2.1 — 2.1.3
siemens
scalance sc636-2c firmware
≤ 2.0 · 2.1 — 2.1.3
siemens
scalance sc642-2c firmware
≤ 2.0 · 2.1 — 2.1.3
+5 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References