Share: Email | Twitter

ID

VDE-2021-045

Published

2021-09-28 13:13 (CEST)

Last update

2021-09-28 13:14 (CEST)

Vendor(s)

Festo SE & Co. KG

Product(s)

Name Part Nr Ordercode Affected Versions
SBOC-Q-R1B 541399 SBOC-Q-R1B all versions
SBOC-Q-R1B-S1 569771 SBOC-Q-R1B-S1 all versions
SBOC-Q-R1C 548317 SBOC-Q-R1C all versions
SBOC-Q-R1C-S1 569774 SBOC-Q-R1C-S1 all versions
SBOC-Q-R3B-WB 555841 SBOC-Q-R3B-WB all versions
SBOC-Q-R3B-WB-S1 569777 SBOC-Q-R3B-WB-S1 all versions
SBOC-Q-R3C-WB 555842 SBOC-Q-R3C-WB all versions
SBOC-Q-R3C-WB-S1 569778 SBOC-Q-R3C-WB-S1 all versions
SBOC-Q-R2B 551021 SBOC-Q-R2B all versions
SBOC-Q-R2B-S1 569772 SBOC-Q-R2B-S1 all versions
SBOC-Q-R2C 551022 SBOC-Q-R2C all versions
SBOI-Q-R1B 541396 SBOI-Q-R1B all versions
SBOI-Q-R1B-S1 569773 SBOI-Q-R1B-S1 all versions
SBOI-Q-R1C 548316 SBOI-Q-R1C all versions
SBOI-Q-R1C-S1 569776 SBOI-Q-R1C-S1 all versions
SBOI-Q-R3B-WB 555839 SBOI-Q-R3B-WB all versions
SBOI-Q-R3B-WB-S1 569779 SBOI-Q-R3B-WB-S1 all versions
SBOI-Q-R3C-WB 555840 SBOI-Q-R3C-WB all versions
SBOI-Q-R3C-WB-S1 569780 SBOI-Q-R3C-WB-S1 all versions
SBRD-Q 8067301 SBRD-Q all versions

Summary

The affected product families are cameras SBOC/SBOI and the Controller SBRD. The vulnerabilities are located within the Ethernet IP Stack from EIPStackGroup OpENer Ethernet/IP.

Vulnerabilities



Weakness
Incorrect Conversion between Numeric Types (CWE-681)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Weakness
Out-of-bounds Read (CWE-125)
Summary

A specifically crafted packet sent by an attacker may allow the attacker to read arbitrary data.

Weakness
Reachable Assertion (CWE-617)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Weakness
Reachable Assertion (CWE-617)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Impact

Please consult the CVEs listed above and ICSA-21-105-02.

Solution

There is no fix planned.

Mitigation

  • Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
  • Deactivate EtherNet/IP in device settings if not used

Reported by

Tal Keren and Sharon Brizinov of Claroty reported these vulnerabilities to CISA.
CERT@VDE coordinated with Festo.