Headline
CVE-2021-25667
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active.
%PDF-1.5 %���� 1 0 obj << /D [2 0 R /XYZ 70.866 771.024 null] >> endobj 3 0 obj << /D [2 0 R /XYZ 70.866 630.026 null] >> endobj 4 0 obj << /D [5 0 R /XYZ 70.866 707.065 null] >> endobj 6 0 obj << /D [5 0 R /XYZ 70.866 635.907 null] >> endobj 7 0 obj << /D [8 0 R /XYZ 85.039 685.063 null] >> endobj 9 0 obj << /D [8 0 R /XYZ 70.866 490.752 null] >> endobj 10 0 obj << /S /GoTo /D [2 0 R /Fit] >> endobj 2 0 obj << /Contents 11 0 R /Type /Page /Resources 12 0 R /Parent 13 0 R /Annots [14 0 R 15 0 R 16 0 R 17 0 R 18 0 R 19 0 R 20 0 R 21 0 R 22 0 R 23 0 R 24 0 R 25 0 R 26 0 R 27 0 R 28 0 R 29 0 R 30 0 R 31 0 R 32 0 R 33 0 R] /MediaBox [0 0 595.276 841.89] >> endobj 14 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109794349/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 470.474 518.276 481.891] >> endobj 16 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109794349/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 428.434 518.276 439.851] >> endobj 18 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109794349/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 386.394 518.276 397.811] >> endobj 20 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109793041/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 344.353 518.276 355.771] >> endobj 22 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109762982/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 302.313 518.276 313.73] >> endobj 24 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109762982/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 260.273 518.276 271.69] >> endobj 26 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109762982/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 218.232 518.276 229.65] >> endobj 28 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109764409/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 176.192 518.276 187.609] >> endobj 30 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109762982/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 134.152 518.276 145.569] >> endobj 32 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109762982/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 92.112 518.276 103.529] >> endobj 34 0 obj << /A << /S /URI /Type /Action /URI (https://support.industry.siemens.com/cs/ww/en/view/109761425/) >> /C [0 1 1] /Subtype /Link /Type /Annot /H /I /Border [0 0 0] /Rect [303.117 732.465 518.276 743.882] >> endobj 12 0 obj << /ProcSet [/PDF /Text] /Font << /F48 35 0 R /F45 36 0 R >> >> endobj 11 0 obj << /Filter /FlateDecode /Length 2251 >> stream x��[[s�F~��У� M�/SI�<؞��x�<٭$�gT��+ {��s�[��XD�Ƀ�h�O����sZ| p�����dt�E`��Tӻ@a���1HL����$���e6R��I<[��!a���N�I��A��b�ˀn�+˯��|=���7�=�>���|z� �<+ �b$�ݟ��;���OF����ͼ�`Hp`r�� .�*_+2�yJH�5�’Ssd߈���a�p��$"R���2J�wu����6��4}�|K��K�FS���+La�cA�l��[ן�vhcA��(��V2@+#�>�0�uՀ��8� c�2���aJ�Ya"�U(5CLȽV�0�p�e����z����K����lλ��i�HːR���g���N8�e��6�t’�v�+@ګ�fv�4�~<�4>��ϵF����S֤?���V0������$!U���1���`"��=�*�Pm ��2�7�����Ç���eC ����ρ7�)J�n#APd��(m ���6q<&�8s����2 ������2��-�Y�’��/xgQ��Ҩ9 )d�!fCl� w@1B���,�kn�~�P������U�u���b���a�f�;��D��3A�q����/z����GY\���*� ()B��S��xHH�����fQ�A��e�q{yyz38���|��ry�_�_�a�]� T�3��EB�������P̵�����ο�ߊ)����Y���c�3���<���ǒX$Y���Qj��Sj� Hxg��gϓ}e��`2�pB�t&G���]�p&� 'K�ꍁ��(�o�p*.��W��+��4.WF�������������.Q��&��c!aU���Y!�P:���V�th#� ���$ ��9�v�WM�@�&���C