Siemens RWG Universal Controllers

🗓️ 13 Jul 2021 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 37 Views

Siemens RWG Universal Controllers are vulnerable to Allocation of Resources Without Limits or Throttling, leading to a denial-of-service condition. Mitigations include logging into the RWG Controller Graphical programming platform, implementing trusted system connections, and following Siemens operational guidelines for Industrial Security

Reporter	Title	Published	Views	Family All 8
CNNVD	Siemens RWG 安全漏洞	13 Jul 202100:00	–	cnnvd
CVE	CVE-2021-25671	13 Jul 202111:02	–	cve
Cvelist	CVE-2021-25671	13 Jul 202111:02	–	cvelist
EUVD	EUVD-2021-12563	7 Oct 202500:30	–	euvd
NVD	CVE-2021-25671	13 Jul 202111:15	–	nvd
OSV	CVE-2021-25671	13 Jul 202111:15	–	osv
Prion	Design/Logic Flaw	13 Jul 202111:15	–	prion
RedhatCVE	CVE-2021-25671	22 May 202521:37	–	redhatcve

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-448291.json
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-448291.txt
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-194-14.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-21-194-14
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf

13 Jul 2021 00:00Current

4.8Medium risk

Vulners AI Score4.8

CVSS 23.3

CVSS 3.14.3

EPSS0.00375