Vulnerability in Siemens Ruggedcom Rm1224

CVE-2021-25676

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-…

EPSS: 0.003 (56.3th percentile) — read the EPSS interpretation.

Affected products

Siemens Ruggedcom Rm1224 — versions V6.3
Siemens Scalance M-800 — versions V6.3
Siemens Scalance S615 — versions V6.3
Siemens Scalance Sc-600 — versions All Versions >= V2.1 and < V2.1.3

Weakness classification (CWE)

CWE-307 — Improper Restriction of Excessive Authentication Attempts

References

cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf (x_refsource_MISC)
us-cert.cisa.gov/ics/advisories/icsa-21-068-02 (x_refsource_CONFIRM)