CVE-2021-20988

Summary

In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.

Affected Software

VendorProductVersion RangeStatus
HilscherrcX RTOSunspecified < V2.1.14.1affected
Pepperl+FuchsEthernet IO Modules ICE1-16ICE1-16DI-G60L-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-16ICE1-16DIO-G60L-C1-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-16ICE1-16DIO-G60L-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-8ICE1-8DI8DO-G60L-C1-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-8ICE1-8DI8DO-G60L-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-8ICE1-8IOL-G30L-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-8ICE1-8IOL-G60L-V1D <= F10017affected
Pepperl+FuchsEthernet IO Modules ICE1-8ICE1-8IOL-S2-G60L-V1D <= F10017affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CVE Program Container

Additional References

References