Detections
Analytics

Siemens SCALANCE and RUGGEDCOM Devices SSH Improper Restriction of Excessive Authentication Attempts (CVE-2021-25676)

high Tenable OT Security Plugin ID 500902

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens recommends applying updates where applicable:

- SCALANCE SC-600: Update to v2.1.3 or later

- RUGGEDCOM RM1224: Update to v6.4 or later
- SCALANCE M-800/S615: Update to v6.4 or later

Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:

- Configure the built-in firewall to only allow SSH incoming connections from trusted IP addresses.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to the Siemens operational guidelines for Industrial Security and following the recommendations in the product manuals.

For additional information, please refer to Siemens Security Advisory SSA-296266

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf

https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02

Plugin Details

Severity: High

ID: 500902

Version: 1.6

Type: remote

Family: Tenable.ot

Published: 3/27/2023

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2021-25676

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:ruggedcom_rm1224_firmware:6.3, cpe:/o:siemens:scalance_m-800_series_firmware:6.3, cpe:/o:siemens:scalance_s615_firmware:6.3, cpe:/o:siemens:scalance_sc-600_series_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 3/15/2021

Vulnerability Publication Date: 3/15/2021

Reference Information

CVE: CVE-2021-25676

CWE: 307