CVE-2021-20987 Hilscher: EtherNet/IP stack crash for specific CIP service

🗓️ 16 Feb 2021 16:37:09Reported by CERTVDEType

Hilscher EtherNet/IP stack DoS and code injection vulnerabilit

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2021-20987	16 Feb 202120:48	–	circl
CNNVD	Hilscher EtherNet/IP Core Buffer Error Vulnerability	16 Feb 202100:00	–	cnnvd
CVE	CVE-2021-20987	16 Feb 202116:37	–	cve
EUVD	EUVD-2021-8396	3 Oct 202520:07	–	euvd
NVD	CVE-2021-20987	16 Feb 202117:15	–	nvd
OSV	CVE-2021-20987	16 Feb 202117:15	–	osv
Prion	Memory corruption	16 Feb 202117:15	–	prion

[
  {
    "product": "EtherNet/IP Core V2",
    "vendor": "Hilscher",
    "versions": [
      {
        "lessThan": "V2.13.0.21",
        "status": "affected",
        "version": "V2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "PCV/PXV/PGV",
    "vendor": "Pepper+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "V1.10.0",
        "status": "affected",
        "version": "PXV100-F200-B25-V1D, PXV100I-F200-B25-V1D, PCV100-F200-B25-V1D-6011-6720, PCV50-F200-B25-V1D, PCV80-F200-B25-V1D, PCV100-F200-B25-V1D-6011",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WCS",
    "vendor": "Pepper+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "V1.2.1",
        "status": "affected",
        "version": "WCS3B-LS510, WCS3B-LS510H, WCS3B-LS510D, WCS3B-LS510DH, WCS3B-LS510H-OM, WCS3B-LS510DH-OM, WCS3B-LS510D-OM, WCS3B-LS510-OM",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2021-007
kb	www.kb.hilscher.com/pages/viewpage.action

16 Feb 2021 16:37Current

9High risk

Vulners AI Score9

CVSS 3.18.6

EPSS0.01098

CWE-787