CVE-2022-43605

An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote cod...

CVE-2022-43604

Summary: CVE-2022-43604 affects the OpENer EtherNet/IP stack (EIP Stack Group), specifically the GetAttributeList attribute_count_request handling. When a GetAttributeList request carries an attribute_count_request value, the code uses it to drive a loop that writes response data. If attribute_co...

CVE-2022-43606

Summary (CVE-2022-43606) : In EIP Stack Group OpENer (development commit 58ee13c), a use-of-uninitialized-pointer occurs in the Forward Open connection_management_entry, when processing a specially crafted EtherNet/IP request. This can lead to a crash (server segmentation fault) due to dereferenc...

CVE-2022-43606

A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a seri...

PT-2023-14268 · Unknown · Eip Stack Group Opener

Name of the Vulnerable Software and Affected Versions: EIP Stack Group OpENer development commit 58ee13c Description: An out-of-bounds write issue exists in the GetAttributeList attribute count request functionality. A specially crafted EtherNet/IP request can lead to an out-of-bounds write,...

EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability

Talos Vulnerability Report TALOS-2022-1663 EIP Stack Group OpENer Forward Open connectionmanagemententry use of uninitialized pointer vulnerability February 23, 2023 CVE Number CVE-2022-43606 SUMMARY A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry...

EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1661 EIP Stack Group OpENer GetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43604 SUMMARY An out-of-bounds write vulnerability exists in the GetAttributeList attributecountrequest functionality of...

Vulnerability Spotlight: EIP Stack Group OpENer information disclosure vulnerability

Martin Zeiser of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler. OpENer is an Ethernet/IP stack for I/O adapter devices that... This is only the...

CVE-2021-21777

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

CVE-2021-21777

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

Information disclosure

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read...

CVE-2021-21777

CVE-2021-21777 affects OpENer’s EIP Stack Group UDP handler. The vulnerability arises in the Ethernet/IP UDP path for OpENer 2.3 and the development commit 8c73bf3, where an integer/length handling bug in the UDP processing flow enables an out-of-bounds read. Specifically, a crafted UDP request c...

EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. Tested Versions EIP Stack Group OpENer 2.3 EIP Stack Group OpENe...

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

Denial of service

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

CVE-2020-13530

OpENer Ethernet/IP stack (2.3 and development commit 8c73bf3) is affected by a denial-of-service condition. Overloading the server with a high rate of network requests triggers a SIGPIPE when replying to a closed socket, causing the process to terminate. The vulnerability is triggered by a sequen...

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...