CVE-2021-20986 — HIGH (7.5)

Q: How severe is CVE-2021-20986?

CVE-2021-20986 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-20986?

Check the references section above for vendor advisories and patch information. Affected products include: Hilscher Profinet Io Device Firmware, Hilscher Profinet Io Device, Pepperl-Fuchs Pgv100-F200A-B17-V1D Firmware, Pepperl-Fuchs Pgv100-F200A-B17-V1D, Pepperl-Fuchs Pgv150I-F200A-B17-V1D Firmware.

Vulnerability Description

A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hilscher	Profinet Io Device Firmware	>= 3.0, < 3.14.0.7
Hilscher	Profinet Io Device	-
Pepperl-Fuchs	Pgv100-F200A-B17-V1D Firmware	<= 2.0.0
Pepperl-Fuchs	Pgv100-F200A-B17-V1D	-
Pepperl-Fuchs	Pgv150I-F200A-B17-V1D Firmware	<= 2.0.0
Pepperl-Fuchs	Pgv150I-F200A-B17-V1D	-
Pepperl-Fuchs	Pgv100-F200-B17-V1D-7477 Firmware	<= 2.0.0
Pepperl-Fuchs	Pgv100-F200-B17-V1D-7477	-
Pepperl-Fuchs	Pxv100-F200-B17-V1D Firmware	<= 4.2.0
Pepperl-Fuchs	Pxv100-F200-B17-V1D	-
Pepperl-Fuchs	Pxv100-F200-B17-V1D-3636 Firmware	<= 4.2.0
Pepperl-Fuchs	Pxv100-F200-B17-V1D-3636	-
Pepperl-Fuchs	Pcv80-F200-B17-V1D Firmware	<= 3.2.3
Pepperl-Fuchs	Pcv80-F200-B17-V1D	-
Pepperl-Fuchs	Pcv100-F200-B17-V1D Firmware	<= 3.2.3
Pepperl-Fuchs	Pcv100-F200-B17-V1D	-
Pepperl-Fuchs	Pcv50-F200-B17-V1D Firmware	<= 3.2.3
Pepperl-Fuchs	Pcv50-F200-B17-V1D	-
Pepperl-Fuchs	Pcv100-F200-B17-V1D-6011-6997 Firmware	<= 3.2.3
Pepperl-Fuchs	Pcv100-F200-B17-V1D-6011-6997	-

Related Weaknesses (CWE)

CWE-787

References

https://cert.vde.com/en-us/advisories/vde-2021-006Third Party Advisory
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+Vendor Advisory
https://cert.vde.com/en-us/advisories/vde-2021-006Third Party Advisory
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+Vendor Advisory

FAQ

What is CVE-2021-20986?

CVE-2021-20986 is a vulnerability with a CVSS score of 7.5 (HIGH). A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic commun...

How severe is CVE-2021-20986?

CVE-2021-20986 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-20986?

Check the references section above for vendor advisories and patch information. Affected products include: Hilscher Profinet Io Device Firmware, Hilscher Profinet Io Device, Pepperl-Fuchs Pgv100-F200A-B17-V1D Firmware, Pepperl-Fuchs Pgv100-F200A-B17-V1D, Pepperl-Fuchs Pgv150I-F200A-B17-V1D Firmware.