Lucene search

[email protected]NVD:CVE-2021-32998

HistoryJan 10, 2022 - 2:10 p.m.

CVE-2021-32998

2022-01-1014:10:17

CWE-787

[email protected]

web.nvd.nist.gov

8.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

38.5%

JSON

The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required.

Affected configurations

NVD

Node

fanucr-30ia_firmwareMatch7.20

fanucr-30ia_firmwareMatch7.30

fanucr-30ia_firmwareMatch7.40

fanucr-30ia_firmwareMatch7.43

fanucr-30ia_firmwareMatch7.50

fanucr-30ia_firmwareMatch7.63

fanucr-30ia_firmwareMatch7.70

AND

fanucr-30iaMatch-

Node

fanucr-30ia_mate_firmwareMatch7.20

fanucr-30ia_mate_firmwareMatch7.30

fanucr-30ia_mate_firmwareMatch7.40

fanucr-30ia_mate_firmwareMatch7.43

fanucr-30ia_mate_firmwareMatch7.50

fanucr-30ia_mate_firmwareMatch7.63

fanucr-30ia_mate_firmwareMatch7.70

AND

fanucr-30ia_mateMatch-

Node

fanucr-30ib_mate_firmwareMatch8.10

fanucr-30ib_mate_firmwareMatch8.13

fanucr-30ib_mate_firmwareMatch8.20

fanucr-30ib_mate_firmwareMatch8.23

fanucr-30ib_mate_firmwareMatch8.26

fanucr-30ib_mate_firmwareMatch8.30

fanucr-30ib_mate_firmwareMatch8.33

fanucr-30ib_mate_firmwareMatch8.36

AND

fanucr-30ib_mateMatch-

Node

fanucr-30ib_compact_firmwareMatch8.10

fanucr-30ib_compact_firmwareMatch8.13

fanucr-30ib_compact_firmwareMatch8.20

fanucr-30ib_compact_firmwareMatch8.23

fanucr-30ib_compact_firmwareMatch8.26

fanucr-30ib_compact_firmwareMatch8.30

fanucr-30ib_compact_firmwareMatch8.33

fanucr-30ib_compact_firmwareMatch8.36

AND

fanucr-30ib_compactMatch-

Node

fanucr-30ib_firmwareMatch8.10

fanucr-30ib_firmwareMatch8.13

fanucr-30ib_firmwareMatch8.20

fanucr-30ib_firmwareMatch8.23

fanucr-30ib_firmwareMatch8.26

fanucr-30ib_firmwareMatch8.30

fanucr-30ib_firmwareMatch8.33

fanucr-30ib_firmwareMatch8.36

AND

fanucr-30ibMatch-

Node

fanucr-30ib_mate_plus_firmwareMatch9.10

fanucr-30ib_mate_plus_firmwareMatch9.13

fanucr-30ib_mate_plus_firmwareMatch9.16

fanucr-30ib_mate_plus_firmwareMatch9.30

fanucr-30ib_mate_plus_firmwareMatch9.36

fanucr-30ib_mate_plus_firmwareMatch9.40

AND

fanucr-30ib_mate_plusMatch-

Node

fanucr-30ib_compact_plus_firmwareMatch9.10

fanucr-30ib_compact_plus_firmwareMatch9.13

fanucr-30ib_compact_plus_firmwareMatch9.16

fanucr-30ib_compact_plus_firmwareMatch9.30

fanucr-30ib_compact_plus_firmwareMatch9.36

fanucr-30ib_compact_plus_firmwareMatch9.40

AND

fanucr-30ib_compact_plusMatch-

Node

fanucr-30ib_mini_plus_firmwareMatch9.10

fanucr-30ib_mini_plus_firmwareMatch9.13

fanucr-30ib_mini_plus_firmwareMatch9.16

fanucr-30ib_mini_plus_firmwareMatch9.30

fanucr-30ib_mini_plus_firmwareMatch9.36

fanucr-30ib_mini_plus_firmwareMatch9.40

AND

fanucr-30ib_mini_plusMatch-

Node

fanucr-30ib_plus_firmwareMatch9.10

fanucr-30ib_plus_firmwareMatch9.13

fanucr-30ib_plus_firmwareMatch9.16

fanucr-30ib_plus_firmwareMatch9.30

fanucr-30ib_plus_firmwareMatch9.36

fanucr-30ib_plus_firmwareMatch9.40

AND

fanucr-30ib_plusMatch-

References

www.cisa.gov/uscert/ics/advisories/icsa-21-243-02

8.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

38.5%

JSON

Related for NVD:CVE-2021-32998

nessus1 cvelist1 prion1 cve1 ics1