Lucene search
+L

37 matches found

talosblog
talosblog
added 2021/06/24 6:3 a.m.37 views

Vulnerability Spotlight: EIP Stack Group OpENer information disclosure vulnerability

Martin Zeiser of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler. OpENer is an Ethernet/IP stack for I/O adapter devices that... This is only the...

0.7AI score
Exploits0
nvd
nvd
added 2021/06/17 11:15 a.m.40 views

CVE-2021-21777

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

10CVSS0.01667EPSS
Exploits1References1
osv
osv
added 2021/06/17 11:15 a.m.13 views

CVE-2021-21777

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

10CVSS6.4AI score
Exploits0References1
prion
prion
added 2021/06/17 11:15 a.m.15 views

Information disclosure

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

9.4CVSS8.8AI score0.01667EPSS
Exploits1References1Affected Software1
cve
cve
added 2021/06/17 10:48 a.m.61 views

CVE-2021-21777

CVE-2021-21777 affects OpENer’s EIP Stack Group UDP handler. The vulnerability arises in the Ethernet/IP UDP path for OpENer 2.3 and the development commit 8c73bf3, where an integer/length handling bug in the UDP processing flow enables an out-of-bounds read. Specifically, a crafted UDP request c...

10CVSS8.8AI score0.01667EPSS
Exploits1References1Affected Software1
talos
talos
added 2021/06/16 12:0 a.m.62 views

EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. Tested Versions EIP Stack Group OpENer 2.3 EIP Stack Group OpENe...

10CVSS9.1AI score0.01667EPSS
Exploits1
nvd
nvd
added 2020/12/11 4:15 a.m.27 views

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

7.5CVSS7.4AI score0.02063EPSS
Exploits1References1
nvd
nvd
added 2020/12/11 4:15 a.m.52 views

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS9.8AI score0.04519EPSS
Exploits1References1
osv
osv
added 2020/12/11 4:15 a.m.19 views

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

7.5CVSS6.7AI score
Exploits0References1
osv
osv
added 2020/12/11 4:15 a.m.17 views

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS7.7AI score
Exploits0References1
prion
prion
added 2020/12/11 4:15 a.m.16 views

Denial of service

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

5CVSS7.4AI score0.02063EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2020/12/11 3:21 a.m.32 views

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

7.5CVSS7.4AI score0.02063EPSS
Exploits1References1
cve
cve
added 2020/12/11 3:21 a.m.75 views

CVE-2020-13530

OpENer Ethernet/IP stack (2.3 and development commit 8c73bf3) is affected by a denial-of-service condition. Overloading the server with a high rate of network requests triggers a SIGPIPE when replying to a closed socket, causing the process to terminate. The vulnerability is triggered by a sequen...

7.5CVSS7.4AI score0.02063EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2020/12/11 3:13 a.m.55 views

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS9.8AI score0.04519EPSS
Exploits1References1
cve
cve
added 2020/12/11 3:13 a.m.73 views

CVE-2020-13556

The CVE-2020-13556 entry concerns the OpENer EtherNet/IP stack. A vulnerability in OpENer 2.3 and the development commit 8c73bf3 arises from an out-of-bounds write in the Ethernet/IP server, specifically CreateCommonPacketFormatStructure, where the item_count from an ENIP packet drives a loop wri...

9.8CVSS9.7AI score0.04519EPSS
Exploits1References1Affected Software1
talos
talos
added 2020/12/02 12:0 a.m.58 views

EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS9.6AI score0.04519EPSS
Exploits1
talos
talos
added 2020/12/02 12:0 a.m.117 views

EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests ...

7.5CVSS7.7AI score0.02063EPSS
Exploits1
Rows per page
Query Builder