CVE-2021-20987

{"id": "CVE-2021-20987", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2021-02-16T17:15:12.973", "references": [{"url": "https://cert.vde.com/en-us/advisories/vde-2021-007", "tags": ["Third Party Advisory"], "source": "info@cert.vde.com"}, {"url": "https://kb.hilscher.com/pages/viewpage.action?pageId=108969480", "tags": ["Vendor Advisory"], "source": "info@cert.vde.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad de denegaci\u00f3n de servicio y corrupci\u00f3n de memoria en Hilscher EtherNet/IP Core versiones V2 anteriores a V2.13.0.21, que puede conllevar a una inyecci\u00f3n de c\u00f3digo a trav\u00e9s de la red o hacer que los dispositivos se bloqueen sin recuperaci\u00f3n"}], "lastModified": "2022-04-26T14:11:26.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hilscher:ethernet\\/ip_adapter_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "419E6FB7-27B2-4889-A1FB-6A9BA0F302DC", "versionEndExcluding": "2.13.0.21", "versionStartIncluding": "2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hilscher:ethernet\\/ip_adapter:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "947FAA6B-18CE-4503-A95B-423FA814BD88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:wcs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "508CB169-DD1D-4514-A620-BF046D84F6AF", "versionEndIncluding": "1.2.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B49403E2-B4ED-4DD2-85EC-491967213920"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510-om:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B48FAFCA-7284-40DB-8D86-D464065548EC"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68EDF8C0-3875-4D1E-B6D7-8E09CE4E5674"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510d-om:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9F6BE9B-8E19-4D83-90A8-1029BD9AB16E"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "21019E61-A45B-4143-A0D6-43B4769E102F"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510dh-om:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E8C0988-2D6E-43BA-BF22-F70EE923BE64"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A434318B-7853-45A5-B843-D2D810FD4F3C"}, {"criteria": "cpe:2.3:h:pepperl-fuchs:wcs3b-ls510h-om:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5FE4EE57-3442-4202-834A-109B9599053B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pxv100-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EFB0689-CA7B-4CE4-9B8B-8A747B623CFD", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pxv100-f200-b25-v1d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BDBD1518-8CE9-45E1-A69E-4A34188DA968"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pxv100i-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C78577F8-F883-4AD7-AC5C-8DC56FDC408B", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pxv100i-f200-b25-v1d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "103DD562-1E4E-45CC-9A42-6F0FE55D20B3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A20F93-3553-4D94-8BDE-6730561CBEE6", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011-6720:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D059058-1DF7-4537-B0E4-5E4037594C31"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pcv50-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5F4DBF2-DDB0-4884-AB22-8AEE90AA077A", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pcv50-f200-b25-v1d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4537296-FB20-44B5-880F-5F66D6B8152B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pcv80-f200-b25-v1d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38C654B5-1D2C-4FEF-BC84-5DCB1E840ADC", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pcv80-f200-b25-v1d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CADB9FC-8E07-42FE-B4C4-914EC105286F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:pcv100-f200-b25-v1d-6011_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "027742F4-4E2A-49AB-AF7E-3C69A3D04D5B", "versionEndIncluding": "1.10.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:pcv100-f200-b25-v1d-6011:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7FD4CB0-4AF3-4507-AB18-C0B96B9E7DFE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}