PEPPERL+FUCHS: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service

Critical vulnerability has been discovered in the utilized component PROFINET IO Device by Hilscher Gesellschaft für Systemautomation mbH.

VDE-2021-006 (2021-02-16 16:53 UTC+0200)

CVE Identifier

CVE-2021-20986

Affected Vendors

PEPPERL+FUCHS

Affected Products

PCV/PXV/PGV

Item No. Item Vulnerable Profinet Communication FW
285693-100000 PGV100-F200A-B17-V1D <= V2.0.0
285693-100001 PGV150I-F200A-B17-V1D <= V2.0.0
285693-100005 PGV100-F200-B17-V1D-7477 <= V2.0.0
293431-100003 PXV100-F200-B17-V1D <= V4.2.0
293431-100020 PXV100-F200-B17-V1D-3636 <= V4.2.0
244538 PCV80-F200-B17-V1D <= V3.2.3
247325 PCV100-F200-B17-V1D <= V3.2.3
259676 PCV50-F200-B17-V1D <= V3.2.3
282529 PCV100-F200-B17-V1D-6011-6997 <= V3.2.3
264850 PCV100-F200-B17-V1D-6011 <= V3.2.5
70103187 PCV100-F200-B17-V1D-6011-8203 <= V3.2.5

PXV/PGV B28 Profisafe

Item No. Item Vulnerable Profinet Communication FW
296169 PXV100A-F200-B28-V1D <= V1.0.3
298410 PXV100A-F200-B28-V1D-6011 <= V1.0.3
303881 PGV100A-F200-B28-V1D <= V1.0.3
303883 PGV100A-F200A-B28-V1D <= V1.0.3
70105189 PGV100AQ-F200A-B28-V1D <= V2.1.1
70105231 PGV100AQ-F200-B28-V1D <= V2.1.1
70105248 PXV100AQ-F200-B28-V1D <= V2.1.1
70105249 PXV100AQ-F200-B28-V1D-6011 <= V2.1.1

OHV

Item No. Item Vulnerable Profinet Communication FW
289804-100000 OHV-F230-B17 <= V1.1.0

OIT

Item No. Item Vulnerable Profinet Communication FW
316742 OIT500-F113-B17-CB <= V1.3.4

 

PHA

Item No. Item Vulnerable Profinet Communication FW
255662 PHA300-F200-B17-V1D <= V3.1.5
257498 PHA400-F200-B17-V1D
258403 PHA300-F200A-B17-V1D
265869 PHA300-F200-B17-T-V1D
266679 PHA200-F200A-B17-V1D
266680 PHA200-F200-B17-V1D
270875 PHA400-F200A-B17-V1D
283557 PHA300-F200A-B17-T-V1D
291103 PHA600-F200A-B17-V1D
292686 PHA500-F200-B17-V1D
292696 PHA500-F200A-B17-V1D
292701 PHA600-F200-B17-V1D
293772 PHA150-F200A-B17-V1D
295658 PHA200-F200A-B17-T-V1D
307562 PHA150-F200-B17-V1D
320263 PHA800-F200-B17-V1D
323292 PHA400-F200A-B17-T-V1D
323438 PHA500-F200A-B17-T-V1D
70103352 PHA700-F200-B17-V1D

WCS

Item No. Item Vulnerable Profinet Communication FW
262007 WCS3B-LS610 <= V3.0.0
280551 WCS3B-LS610H
280552 WCS3B-LS610D
280553 WCS3B-LS610DH
312676 WCS3B-LS610H-OM
312677 WCS3B-LS610DH-OM
312678 WCS3B-LS610D-OM
312679 CS3B-LS610-OM

Summary

Critical vulnerability has been discovered in the utilized component PROFINET IO Device by Hilscher Gesellschaft für Systemautomation mbH.
The impact of the vulnerability on the affected device is that it can

  • no longer perform acyclic requests
  • may drop all established cyclic connections may
  • disappear completely from the network

For more information see advisory by Hilscher:
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device

Impact

Pepperl+Fuchs analyzed and identified affected devices.
Remote attackers may cause a cause a Denial Of Service of the product.

Solution

An external protective measure is required.

  • Minimize network exposure for affected products and ensure that they are not accessible via the Internet.
  • Isolate affected products from the corporate network.
  • If remote access is required, use secure methods such as virtual private networks (VPNs).

Reported by

Hilscher Gesellschaft für Systemautomation mbH