ID

VAR-202104-1830


CVE

CVE-2021-25664


TITLE

Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)

Trust: 0.6

sources: CNVD: CNVD-2021-28696

DESCRIPTION

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. Siemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.07

sources: NVD: CVE-2021-25664 // CNVD: CNVD-2021-28696 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-25664

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-28696

AFFECTED PRODUCTS

vendor:siemensmodel:nucleus readystart v3scope:ltversion:2017.02.4

Trust: 1.0

vendor:siemensmodel:nucleus netscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:capital vstarscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:nucleus source codescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:nucleus readystart v4scope:ltversion:4.1.0

Trust: 1.0

vendor:siemensmodel:vstarscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus source codescope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus netscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus readystartscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleusscope:eqversion:4<v4.1.0

Trust: 0.6

sources: CNVD: CNVD-2021-28696 // NVD: CVE-2021-25664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-25664
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2021-25664
value: HIGH

Trust: 1.0

CNVD: CNVD-2021-28696
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202104-993
value: HIGH

Trust: 0.6

VULMON: CVE-2021-25664
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-25664
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2021-28696
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-25664
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664 // NVD: CVE-2021-25664

PROBLEMTYPE DATA

problemtype:CWE-835

Trust: 1.0

sources: NVD: CVE-2021-25664

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-993

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993

PATCH

title:Patch for Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)url:https://www.cnvd.org.cn/patchInfo/show/258471

Trust: 0.6

title:siemens Nucleus Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147374

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2e667a20dc904cea13ad0154c0461a55

Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-993

EXTERNAL IDS

db:NVDid:CVE-2021-25664

Trust: 2.3

db:SIEMENSid:SSA-248289

Trust: 2.3

db:ICS CERTid:ICSA-21-103-05

Trust: 1.7

db:CNVDid:CNVD-2021-28696

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021041414

Trust: 0.6

db:AUSCERTid:ESB-2021.1245

Trust: 0.6

db:CNNVDid:CNNVD-202104-993

Trust: 0.6

db:VULMONid:CVE-2021-25664

Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf

Trust: 2.3

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05

Trust: 2.3

url:https://cert-portal.siemens.com/productcert/html/ssa-248289.html

Trust: 1.0

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041414

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1245

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-25664

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/835.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-248289.txt

Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202104-993

SOURCES

db:CNVDid:CNVD-2021-28696
db:VULMONid:CVE-2021-25664
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202104-993
db:NVDid:CVE-2021-25664

LAST UPDATE DATE

2024-08-14T12:45:26.695000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-28696date:2021-04-15T00:00:00
db:VULMONid:CVE-2021-25664date:2021-04-30T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202104-993date:2021-11-18T00:00:00
db:NVDid:CVE-2021-25664date:2024-02-13T09:15:43.397

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-28696date:2021-04-15T00:00:00
db:VULMONid:CVE-2021-25664date:2021-04-22T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202104-993date:2021-04-13T00:00:00
db:NVDid:CVE-2021-25664date:2021-04-22T21:15:09.990