Share: Email | Twitter

ID

VDE-2021-045

Published

2021-09-28 13:13 (CEST)

Last update

2021-09-28 13:13 (CEST)

Vendor(s)

Festo SE & Co. KG

Product(s)

Article No┬░ Product Name Affected Version(s)
541399 SBOC-Q-R1B all versions
569771 SBOC-Q-R1B-S1 all versions
548317 SBOC-Q-R1C all versions
569774 SBOC-Q-R1C-S1 all versions
551021 SBOC-Q-R2B all versions
569772 SBOC-Q-R2B-S1 all versions
551022 SBOC-Q-R2C all versions
555841 SBOC-Q-R3B-WB all versions
569777 SBOC-Q-R3B-WB-S1 all versions
555842 SBOC-Q-R3C-WB all versions
569778 SBOC-Q-R3C-WB-S1 all versions
541396 SBOI-Q-R1B all versions
569773 SBOI-Q-R1B-S1 all versions
548316 SBOI-Q-R1C all versions
569776 SBOI-Q-R1C-S1 all versions
555839 SBOI-Q-R3B-WB all versions
569779 SBOI-Q-R3B-WB-S1 all versions
555840 SBOI-Q-R3C-WB all versions
569780 SBOI-Q-R3C-WB-S1 all versions
8067301 SBRD-Q all versions

Summary

The affected product families are cameras SBOC/SBOI and the Controller SBRD. The vulnerabilities are located within the Ethernet IP Stack from EIPStackGroup OpENer Ethernet/IP.

Vulnerabilities



Weakness
Incorrect Conversion between Numeric Types (CWE-681)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Weakness
Out-of-bounds Read (CWE-125)
Summary

A specifically crafted packet sent by an attacker may allow the attacker to read arbitrary data.

Weakness
Reachable Assertion (CWE-617)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Weakness
Reachable Assertion (CWE-617)
Summary

A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.

Impact

Please consult the CVEs listed above and ICSA-21-105-02.

Solution

There is no fix planned.

Mitigation

  • Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
  • Deactivate EtherNet/IP in device settings if not used

Reported by

Tal Keren and Sharon Brizinov of Claroty reported these vulnerabilities to CISA.
CERT@VDE coordinated with Festo.