Details of VAR-202104-1830

ID

VAR-202104-1830

CVE

CVE-2021-25664

TITLE

Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)

Trust: 0.6

sources: CNVD: CNVD-2021-28696

DESCRIPTION

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. Siemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.07

sources: NVD: CVE-2021-25664 // CNVD: CNVD-2021-28696 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-25664

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-28696

AFFECTED PRODUCTS

vendor:	siemens	model:	nucleus readystart v3	scope:	lt	version:	2017.02.4	Trust: 1.0
vendor:	siemens	model:	nucleus net	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	capital vstar	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	nucleus source code	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	nucleus readystart v4	scope:	lt	version:	4.1.0	Trust: 1.0
vendor:	siemens	model:	vstar	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	nucleus source code	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	nucleus net	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	nucleus readystart	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	nucleus	scope:	eq	version:	4<v4.1.0	Trust: 0.6

sources: CNVD: CNVD-2021-28696 // NVD: CVE-2021-25664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-25664
value:	HIGH
Trust: 1.0
productcert@siemens.com:	CVE-2021-25664
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2021-28696
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-993
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-25664
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-25664
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
CNVD:	CNVD-2021-28696
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-25664
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664 // NVD: CVE-2021-25664

PROBLEMTYPE DATA

problemtype:

CWE-835

Trust: 1.0

sources: NVD: CVE-2021-25664

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-993

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993

PATCH

title:	Patch for Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)	url:	https://www.cnvd.org.cn/patchInfo/show/258471	Trust: 0.6
title:	siemens Nucleus Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147374	Trust: 0.6
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2e667a20dc904cea13ad0154c0461a55	Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-993

EXTERNAL IDS

db:	NVD	id:	CVE-2021-25664	Trust: 2.3
db:	SIEMENS	id:	SSA-248289	Trust: 2.3
db:	ICS CERT	id:	ICSA-21-103-05	Trust: 1.7
db:	CNVD	id:	CNVD-2021-28696	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021041414	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1245	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-993	Trust: 0.6
db:	VULMON	id:	CVE-2021-25664	Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf	Trust: 2.3
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05	Trust: 2.3
url:	https://cert-portal.siemens.com/productcert/html/ssa-248289.html	Trust: 1.0
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041414	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1245	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-25664	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/835.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://cert-portal.siemens.com/productcert/txt/ssa-248289.txt	Trust: 0.1

sources: CNVD: CNVD-2021-28696 // VULMON: CVE-2021-25664 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-993 // NVD: CVE-2021-25664

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202104-993

SOURCES

db:	CNVD	id:	CNVD-2021-28696
db:	VULMON	id:	CVE-2021-25664
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202104-993
db:	NVD	id:	CVE-2021-25664

LAST UPDATE DATE

2024-08-14T12:45:26.695000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-28696	date:	2021-04-15T00:00:00
db:	VULMON	id:	CVE-2021-25664	date:	2021-04-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-993	date:	2021-11-18T00:00:00
db:	NVD	id:	CVE-2021-25664	date:	2024-02-13T09:15:43.397

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-28696	date:	2021-04-15T00:00:00
db:	VULMON	id:	CVE-2021-25664	date:	2021-04-22T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-993	date:	2021-04-13T00:00:00
db:	NVD	id:	CVE-2021-25664	date:	2021-04-22T21:15:09.990