Denial of Service in Rexroth ActiveMover using Profinet protocol


2021-03-31 00:00:00 UTC


BOSCH-SA-637429: The ActiveMover with Profinet communication module (Rexroth no. 3842 559 445) sold by Bosch Rexroth contains communication technology from Hilscher (PROFINET IO Device V3) in which a vulnerability with high severity has been discovered. A Denial of Service vulnerability may lead to unexpected loss of cyclic communication or interruption of acyclic communication. The vulnerability only affects ActiveMover with the Profinet communication module. If the product is used in closed (machine) networks with no access to the internet the risk of the vulnerability is very low.