Share: Email | Twitter

ID

VDE-2021-018

Published

2021-05-12 10:57 (CEST)

Last update

2021-07-07 10:57 (CEST)

Vendor(s)

PEPPERL+FUCHS

Product(s)

Item No. Title FW Version Affected by
295311 ICE1-16DI-G60L-V1D <=F10017 all
308627 ICE1-16DIO-G60L-C1-V1D
308626 ICE1-16DIO-G60L-V1D
295314 ICE1-8DI8DO-G60L-C1-V1D
295312 ICE1-8DI8DO-G60L-V1D
70101643 ICE1-8IOL-G30L-V1D
295313 ICE1-8IOL-G60L-V1D
70103603 ICE1-8IOL-S2-G60L-V1D CVE-2019-18222
CVE-2021-20988
CVE-2021-20987

Summary

Critical vulnerability has been discovered in the utilized components rcX, mbedTLS, PROFINET IO Device and EtherNet/IP Core by Hilscher Gesellschaft für Systemautomation mbH.
The impact of the vulnerabilities on the affected device is that it can result in:

  • Denial of Service (DoS)
  • Remote Code Execution (RCE)
  • Code Exposure

Weakness

Stack-based Buffer Overflow  (CWE-121) 

Summary

A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.


Impact

Pepperl+Fuchs analyzed and identified affected devices.
Remote attackers may exploit the vulnerability sending specially crafted packages that may result in a denial-of-service condition or code execution.

Solution

An external protective measure is required.

  • Minimize network exposure for affected products and ensure that they are not accessible via the Internet.
  • Isolate affected products from the corporate network.
  • If remote access is required, use secure methods such as virtual private networks (VPNs).

Reported by

Hilscher Gesellschaft für Systemautomation mbH

Coordinated by CERT@VDE