Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2021-25676.NASL
HistoryMar 27, 2023 - 12:00 a.m.

Siemens SCALANCE and RUGGEDCOM Devices SSH Improper Restriction of Excessive Authentication Attempts (CVE-2021-25676)

2023-03-2700:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
siemens
scalance
ruggedcom
ssh
authentication
denial-of-service
cve-2021-25676
vulnerability
firewall
update
industrial security
cisa

0.001 Low

EPSS

Percentile

44.9%

JSON

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(500902);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2021-25676");

  script_name(english:"Siemens SCALANCE and RUGGEDCOM Devices SSH Improper Restriction of Excessive Authentication Attempts (CVE-2021-25676)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3),
SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All
Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication
attempts could trigger a temporary Denial-of-Service under certain
conditions. When triggered, the device will reboot automatically.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf");
  script_set_attribute(attribute:"see_also", value:"https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens recommends applying updates where applicable:

- SCALANCE SC-600: Update to v2.1.3 or later

- RUGGEDCOM RM1224: Update to v6.4 or later
- SCALANCE M-800/S615: Update to v6.4 or later

Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:

- Configure the built-in firewall to only allow SSH incoming connections from trusted IP addresses.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the
environment according to the Siemens operational guidelines for Industrial Security and following the recommendations in
the product manuals.

For additional information, please refer to Siemens Security Advisory SSA-296266");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-25676");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(307);

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/03/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/03/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/27");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rm1224_firmware:6.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m-800_series_firmware:6.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s615_firmware:6.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc-600_series_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:ruggedcom_rm1224_firmware:6.3" :
        {"versionEndIncluding" : "6.3", "versionStartIncluding" : "6.3", "family" : "RuggedCom"},
    "cpe:/o:siemens:scalance_m-800_series_firmware:6.3" :
        {"versionEndIncluding" : "6.3", "versionStartIncluding" : "6.3", "family" : "SCALANCEM"},
    "cpe:/o:siemens:scalance_s615_firmware:6.3" :
        {"versionEndIncluding" : "6.3", "versionStartIncluding" : "6.3", "family" : "SCALANCES"},
    "cpe:/o:siemens:scalance_sc-600_series_firmware" :
        {"versionEndExcluding" : "2.1.3", "versionStartIncluding" : "2.1", "family" : "SCALANCES"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
siemensruggedcom_rm1224_firmware6.3cpe:/o:siemens:ruggedcom_rm1224_firmware:6.3
siemensscalance_m-800_series_firmware6.3cpe:/o:siemens:scalance_m-800_series_firmware:6.3
siemensscalance_s615_firmware6.3cpe:/o:siemens:scalance_s615_firmware:6.3
siemensscalance_sc-600_series_firmwarecpe:/o:siemens:scalance_sc-600_series_firmware

Related

ics 1
cvelist 1
nvd 1
cve 1
prion 1
ics
ics
Siemens SCALANCE and RUGGEDCOM Devices SSH (Update A)
2021-04-13 12:00:00
cvelist
cvelist
CVE-2021-25676
2021-03-15 17:03:31
nvd
nvd
CVE-2021-25676
2021-03-15 17:15:22
cve
cve
CVE-2021-25676
2021-03-15 17:15:22
prion
prion
Authentication flaw
2021-03-15 17:15:00

0.001 Low

EPSS

Percentile

44.9%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2021-25676.NASL
ics1cvelist1nvd1cve1prion1