Promass 83 devices utilizing the 499ES EtherNet/IP (ENIP) Stack by Real Time Automation (RTA) are vulnerable to a stack-based buffer overflow.
Update A, 2021-10-07:
499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.
The vulnerability described can lead to a denial of service or even remote code execution.
If an immediate firmware update is not possible, the only way to prevent an attack is to disable communication via EtherNet/IP.
Endress+Hauser provides updated firmware versions (firmware versions >1.00.00) for the related product from the Proline portfolio that fix the vulnerability. Endress+Hauser strongly recommends that customers update to the new fixed version. For support, please contact your local service center.
Sharon Brizinov of Claroty reported this vulnerability to CISA.
CERT@VDE coordinated with ENDRESS+HAUSER.