CVE-2021-20988

Published May 13, 2021

Last updated 4 years ago

CVSS high 7.5

Overview

Description: In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.
Source: info@cert.vde.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119
info@cert.vde.com: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hilscher:rcx_rtos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16462C1A-206D-44F9-A947-375B030FD7EB",
            "versionEndExcluding": "2.1.14.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-16di-g60l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "384C0613-C59E-41E5-AD43-73D52B28A984",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-16di-g60l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32A6F558-D110-4F54-BA21-9F06630594D0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-16dio-g60l-c1-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF07E378-EFE4-4FD1-BC82-D6CB8365C878",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-16dio-g60l-c1-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "406B0617-832E-44B0-9660-53F434116748"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-16dio-g60l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D76A7703-75E0-4940-A764-92A71DCC2FE1",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-16dio-g60l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0B3320FC-3FA9-4037-A857-3A2F590B6AFF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-8di8do-g60l-c1-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B81827B2-7B2C-4A36-8BD2-426D9E87FC13",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-8di8do-g60l-c1-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C563D4C-35B8-492D-9293-26B0AD7EA041"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-8di8do-g60l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78AAC558-9077-4EB3-89DE-05C777D333BB",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-8di8do-g60l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B002936-6701-4457-A09F-00F5FD5E5239"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-8iol-g30l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "207E6F9E-138C-4016-952B-3DC9928B94E4",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-8iol-g30l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB28B241-7156-460F-B4B2-24B0B79552E9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-8iol-g60l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA6BE065-4F27-4C21-A414-12930CB242C6",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-8iol-g60l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C010E7C4-3478-47B9-B43A-31D3A1F48518"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:pepperl-fuchs:ice1-8iol-s2-g60l-v1d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BD48DD9-9F46-4761-A46C-5BB324A5D571",
            "versionEndIncluding": "f10017"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:pepperl-fuchs:ice1-8iol-s2-g60l-v1d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "137D3E5C-48C4-4103-BEBF-41670B4DE44D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References