CVE-2021-25666

Published: Feb 9, 2021Modified: Jun 17, 2026

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.

Affected (2)

Products: Siemens: Scalance W780 Firmware, Scalance W740 Firmware

2 products

Scalance W780 Firmware

Scalance W740 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W780 Firmware	Before 6.3

Running on/with	Platform Versions
Siemens Scalance W780	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W740 Firmware	Before 6.3

Running on/with	Platform Versions
Siemens Scalance W740	All versions

Related CWEs

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (4)

https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf

Source: productcert@siemens.com

Vendor Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07

Source: productcert@siemens.com

Third Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-040-07

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.