PEPPERL+FUCHS: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service

Critical vulnerability has been discovered in the utilized component 499ES EtherNet/IP Stack by Real Time Automation (RTA).

VDE-2020-050 (2021-02-15 14:33 UTC+0100)

CVE Identifier

CVE-2020-25159

Severity

9.8 (CVSS:3.0:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Vendors

PEPPERL+FUCHS

Affected Products

IC-KP2-2HB17-2V1D Firmware <= 18-31440H
IC-KP2-1HB17-2V1D Firmware <= 18-31766H
IC-KP-B17-AIDA1 Firmware <= 18-31785F

Vulnerability Type

Out-of-bounds Write (CWE - 787)

Summary

Critical vulnerability has been discovered in the utilized component 499ES EtherNet/IP Stack by Real Time Automation (RTA).

Impact

Pepperl+Fuchs analyzed and identified affected devices.
Remote attackers may exploit the vulnerability sending specially crafted packages that may result in a denial-of-service condition or code execution.

Solution

An external protective measure is required.

Minimize network exposure for affected products and ensure that they are not accessible via the Internet.
Isolate affected products from the corporate network.
If remote access is required, use secure methods such as virtual private networks (VPNs).

Reported by

Sharon Brizinov of Claroty reported this vulnerability to CISA.
Coordinated by CERT@VDE