CVE-2021-25671

Published: Jul 13, 2021Modified: Jun 17, 2026

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations.

Affected (3)

Products: Siemens: Rwg1.m12 Firmware, Rwg1.m12d Firmware, Rwg1.m8 Firmware

3 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Rwg1.m12 Firmware	Before 1.16.16

Running on/with	Platform Versions
Siemens Rwg1.m12	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Rwg1.m12d Firmware	Before 1.16.16

Running on/with	Platform Versions
Siemens Rwg1.m12d	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Rwg1.m8 Firmware	Before 1.16.16

Running on/with	Platform Versions
Siemens Rwg1.m8	All versions

Related CWEs

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (2)

https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf

Source: productcert@siemens.com

PatchVendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.