CVE-2021-20987

Summary

A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.

Affected Software

VendorProductVersion RangeStatus
HilscherEtherNet/IP Core V2V2 < V2.13.0.21affected
Pepper+FuchsPCV/PXV/PGVPXV100-F200-B25-V1D, PXV100I-F200-B25-V1D, PCV100-F200-B25-V1D-6011-6720, PCV50-F200-B25-V1D, PCV80-F200-B25-V1D, PCV100-F200-B25-V1D-6011 <= V1.10.0affected
Pepper+FuchsWCSWCS3B-LS510, WCS3B-LS510H, WCS3B-LS510D, WCS3B-LS510DH, WCS3B-LS510H-OM, WCS3B-LS510DH-OM, WCS3B-LS510D-OM, WCS3B-LS510-OM <= V1.2.1affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References