CVE-2021-20987
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hilscher | EtherNet/IP Core V2 | V2 < V2.13.0.21 | affected |
| Pepper+Fuchs | PCV/PXV/PGV | PXV100-F200-B25-V1D, PXV100I-F200-B25-V1D, PCV100-F200-B25-V1D-6011-6720, PCV50-F200-B25-V1D, PCV80-F200-B25-V1D, PCV100-F200-B25-V1D-6011 <= V1.10.0 | affected |
| Pepper+Fuchs | WCS | WCS3B-LS510, WCS3B-LS510H, WCS3B-LS510D, WCS3B-LS510DH, WCS3B-LS510H-OM, WCS3B-LS510DH-OM, WCS3B-LS510D-OM, WCS3B-LS510-OM <= V1.2.1 | affected |
Weaknesses
- CWE-787: CWE-787 Out-of-bounds Write
ADP Enrichment
CVE Program Container
Additional References
- https://kb.hilscher.com/pages/viewpage.action?pageId=108969480
- https://cert.vde.com/en-us/advisories/vde-2021-007
References
- https://kb.hilscher.com/pages/viewpage.action?pageId=108969480
- https://cert.vde.com/en-us/advisories/vde-2021-007
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.