CVE-2021-20987 — HIGH (8.6)

Q: How severe is CVE-2021-20987?

CVE-2021-20987 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-20987?

Check the references section above for vendor advisories and patch information. Affected products include: Hilscher Ethernet\/Ip Adapter Firmware, Hilscher Ethernet\/Ip Adapter, Pepperl-Fuchs Wcs Firmware, Pepperl-Fuchs Wcs3B-Ls510, Pepperl-Fuchs Wcs3B-Ls510-Om.

Vulnerability Description

A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hilscher	Ethernet\/Ip Adapter Firmware	>= 2.0, < 2.13.0.21
Hilscher	Ethernet\/Ip Adapter	-
Pepperl-Fuchs	Wcs Firmware	<= 1.2.1
Pepperl-Fuchs	Wcs3B-Ls510	-
Pepperl-Fuchs	Wcs3B-Ls510-Om	-
Pepperl-Fuchs	Wcs3B-Ls510D	-
Pepperl-Fuchs	Wcs3B-Ls510D-Om	-
Pepperl-Fuchs	Wcs3B-Ls510Dh	-
Pepperl-Fuchs	Wcs3B-Ls510Dh-Om	-
Pepperl-Fuchs	Wcs3B-Ls510H	-
Pepperl-Fuchs	Wcs3B-Ls510H-Om	-
Pepperl-Fuchs	Pxv100-F200-B25-V1D Firmware	<= 1.10.0
Pepperl-Fuchs	Pxv100-F200-B25-V1D	-
Pepperl-Fuchs	Pxv100I-F200-B25-V1D Firmware	<= 1.10.0
Pepperl-Fuchs	Pxv100I-F200-B25-V1D	-
Pepperl-Fuchs	Pcv100-F200-B25-V1D-6011-6720 Firmware	<= 1.10.0
Pepperl-Fuchs	Pcv100-F200-B25-V1D-6011-6720	-
Pepperl-Fuchs	Pcv50-F200-B25-V1D Firmware	<= 1.10.0
Pepperl-Fuchs	Pcv50-F200-B25-V1D	-
Pepperl-Fuchs	Pcv80-F200-B25-V1D Firmware	<= 1.10.0

Related Weaknesses (CWE)

CWE-787

References

https://cert.vde.com/en-us/advisories/vde-2021-007Third Party Advisory
https://kb.hilscher.com/pages/viewpage.action?pageId=108969480Vendor Advisory
https://cert.vde.com/en-us/advisories/vde-2021-007Third Party Advisory
https://kb.hilscher.com/pages/viewpage.action?pageId=108969480Vendor Advisory

FAQ

What is CVE-2021-20987?

CVE-2021-20987 is a vulnerability with a CVSS score of 8.6 (HIGH). A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recov...

How severe is CVE-2021-20987?

CVE-2021-20987 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-20987?

Check the references section above for vendor advisories and patch information. Affected products include: Hilscher Ethernet\/Ip Adapter Firmware, Hilscher Ethernet\/Ip Adapter, Pepperl-Fuchs Wcs Firmware, Pepperl-Fuchs Wcs3B-Ls510, Pepperl-Fuchs Wcs3B-Ls510-Om.