CVE-2021-20987 - OpenCVE

A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Pepperl-fuchs	Pcv100-f200-b25-v1d-6011-6720 Firmware Pcv50-f200-b25-v1d Firmware Pcv50-f200-b25-v1d Wcs3b-ls510h-om Wcs3b-ls510d Pcv100-f200-b25-v1d-6011 Firmware Wcs3b-ls510dh Wcs3b-ls510d-om Wcs3b-ls510dh-om Wcs3b-ls510-om Pxv100i-f200-b25-v1d Firmware Pxv100-f200-b25-v1d Pcv80-f200-b25-v1d Wcs3b-ls510h Pxv100i-f200-b25-v1d Wcs3b-ls510 Pxv100-f200-b25-v1d Firmware Wcs Firmware Pcv100-f200-b25-v1d-6011 Pcv80-f200-b25-v1d Firmware Pcv100-f200-b25-v1d-6011-6720
Hilscher	Ethernet\/ip Adapter Firmware Ethernet\/ip Adapter

Configuration 1 [-]

AND

cpe:2.3:o:hilscher:ethernet\/ip_adapter_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hilscher:ethernet\/ip_adapter:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:pepperl-fuchs:wcs_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510-om:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d-om:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh-om:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h:-:::::::*
	cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h-om:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:pepperl-fuchs:pxv100-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pxv100-f200-b25-v1d:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:pepperl-fuchs:pxv100i-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pxv100i-f200-b25-v1d:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:pepperl-fuchs:pcv50-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pcv50-f200-b25-v1d:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:pepperl-fuchs:pcv80-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pcv80-f200-b25-v1d:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert.vde.com/en-us/advisories/vde-2021-007	Third Party Advisory
https://kb.hilscher.com/pages/viewpage.action?pageId=108969480	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-02-15T00:00:00

Updated: 2021-02-16T16:37:09

Reserved: 2020-12-17T00:00:00

Link: CVE-2021-20987

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-16T17:15:12.973

Modified: 2022-04-26T14:11:26.543

Link: CVE-2021-20987

JSON object: View

Redhat Information

No data.

CWE

CWE-787