CVE-2021-20987

Published Feb 16, 2021

Last updated 3 years ago

Overview

Description: A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.
Source: info@cert.vde.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-787
info@cert.vde.com: CWE-787

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hilscher:ethernet\\/ip_adapter_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "419E6FB7-27B2-4889-A1FB-6A9BA0F302DC",
            "versionEndExcluding": "2.13.0.21",
            "versionStartIncluding": "2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hilscher:ethernet\\/ip_adapter:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "947FAA6B-18CE-4503-A95B-423FA814BD88"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:wcs_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "508CB169-DD1D-4514-A620-BF046D84F6AF",
            "versionEndIncluding": "1.2.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B49403E2-B4ED-4DD2-85EC-491967213920"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510-om:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B48FAFCA-7284-40DB-8D86-D464065548EC"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68EDF8C0-3875-4D1E-B6D7-8E09CE4E5674"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d-om:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A9F6BE9B-8E19-4D83-90A8-1029BD9AB16E"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21019E61-A45B-4143-A0D6-43B4769E102F"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh-om:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E8C0988-2D6E-43BA-BF22-F70EE923BE64"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A434318B-7853-45A5-B843-D2D810FD4F3C"
          },
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h-om:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5FE4EE57-3442-4202-834A-109B9599053B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pxv100-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EFB0689-CA7B-4CE4-9B8B-8A747B623CFD",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pxv100-f200-b25-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BDBD1518-8CE9-45E1-A69E-4A34188DA968"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pxv100i-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C78577F8-F883-4AD7-AC5C-8DC56FDC408B",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pxv100i-f200-b25-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "103DD562-1E4E-45CC-9A42-6F0FE55D20B3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A20F93-3553-4D94-8BDE-6730561CBEE6",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2D059058-1DF7-4537-B0E4-5E4037594C31"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pcv50-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5F4DBF2-DDB0-4884-AB22-8AEE90AA077A",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pcv50-f200-b25-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E4537296-FB20-44B5-880F-5F66D6B8152B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pcv80-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38C654B5-1D2C-4FEF-BC84-5DCB1E840ADC",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pcv80-f200-b25-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CADB9FC-8E07-42FE-B4C4-914EC105286F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "027742F4-4E2A-49AB-AF7E-3C69A3D04D5B",
            "versionEndIncluding": "1.10.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7FD4CB0-4AF3-4507-AB18-C0B96B9E7DFE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References