4.3
CVE-2021-25666
- EPSS 0.69%
- Veröffentlicht 09.02.2021 18:15:51
- Zuletzt bearbeitet 21.11.2024 05:55:15
- Quelle productcert@siemens.com
- CVE-Watchlists
- Unerledigt
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Scalance W780 Firmware Version < 6.3
Siemens ≫ Scalance W740 Firmware Version < 6.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.69% | 0.48 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:N/I:N/A:P
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07