Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-20986

A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.

Published

2021-02-16T17:15:12.817

Last Modified

2024-11-21T05:47:20.170

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-787
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hilscher	profinet_io_device_firmware	< 3.14.0.7	Yes
Hardware	hilscher	profinet_io_device	-	No
Operating System	pepperl-fuchs	pgv100-f200a-b17-v1d_firmware	≤ 2.0.0	Yes
Hardware	pepperl-fuchs	pgv100-f200a-b17-v1d	-	No
Operating System	pepperl-fuchs	pgv150i-f200a-b17-v1d_firmware	≤ 2.0.0	Yes
Hardware	pepperl-fuchs	pgv150i-f200a-b17-v1d	-	No
Operating System	pepperl-fuchs	pgv100-f200-b17-v1d-7477_firmware	≤ 2.0.0	Yes
Hardware	pepperl-fuchs	pgv100-f200-b17-v1d-7477	-	No
Operating System	pepperl-fuchs	pxv100-f200-b17-v1d_firmware	≤ 4.2.0	Yes
Hardware	pepperl-fuchs	pxv100-f200-b17-v1d	-	No
Operating System	pepperl-fuchs	pxv100-f200-b17-v1d-3636_firmware	≤ 4.2.0	Yes
Hardware	pepperl-fuchs	pxv100-f200-b17-v1d-3636	-	No
Operating System	pepperl-fuchs	pcv80-f200-b17-v1d_firmware	≤ 3.2.3	Yes
Hardware	pepperl-fuchs	pcv80-f200-b17-v1d	-	No
Operating System	pepperl-fuchs	pcv100-f200-b17-v1d_firmware	≤ 3.2.3	Yes
Hardware	pepperl-fuchs	pcv100-f200-b17-v1d	-	No
Operating System	pepperl-fuchs	pcv50-f200-b17-v1d_firmware	≤ 3.2.3	Yes
Hardware	pepperl-fuchs	pcv50-f200-b17-v1d	-	No
Operating System	pepperl-fuchs	pcv100-f200-b17-v1d-6011-6997_firmware	≤ 3.2.3	Yes
Hardware	pepperl-fuchs	pcv100-f200-b17-v1d-6011-6997	-	No
Operating System	pepperl-fuchs	pcv100-f200-b17-v1d-6011_firmware	≤ 3.2.5	Yes
Hardware	pepperl-fuchs	pcv100-f200-b17-v1d-6011	-	No
Operating System	pepperl-fuchs	pcv100-f200-b17-v1d-6011-8203_firmware	≤ 3.2.5	Yes
Hardware	pepperl-fuchs	pcv100-f200-b17-v1d-6011-8203	-	No
Operating System	pepperl-fuchs	pxv100a-f200-b28-v1d_firmware	≤ 1.0.3	Yes
Hardware	pepperl-fuchs	pxv100a-f200-b28-v1d	-	No
Operating System	pepperl-fuchs	pxv100a-f200-b28-v1d-6011_firmware	≤ 1.0.3	Yes
Hardware	pepperl-fuchs	pxv100a-f200-b28-v1d-6011	-	No
Operating System	pepperl-fuchs	pgv100a-f200-b28-v1d_firmware	≤ 1.0.3	Yes
Hardware	pepperl-fuchs	pgv100a-f200-b28-v1d	-	No
Operating System	pepperl-fuchs	pgv100a-f200a-b28-v1d_firmware	≤ 1.0.3	Yes
Hardware	pepperl-fuchs	pgv100a-f200a-b28-v1d	-	No
Operating System	pepperl-fuchs	pgv100aq-f200a-b28-v1d_firmware	≤ 2.1.1	Yes
Hardware	pepperl-fuchs	pgv100aq-f200a-b28-v1d	-	No
Operating System	pepperl-fuchs	pgv100aq-f200-b28-v1d_firmware	≤ 2.1.1	Yes
Hardware	pepperl-fuchs	pgv100aq-f200-b28-v1d	-	No
Operating System	pepperl-fuchs	pxv100aq-f200-b28-v1d_firmware	≤ 2.1.1	Yes
Hardware	pepperl-fuchs	pxv100aq-f200-b28-v1d	-	No
Operating System	pepperl-fuchs	pxv100aq-f200-b28-v1d-6011_firmware	≤ 2.1.1	Yes
Hardware	pepperl-fuchs	pxv100aq-f200-b28-v1d-6011	-	No
Operating System	pepperl-fuchs	ohv-f230-b17_firmware	≤ 1.1.0	Yes
Hardware	pepperl-fuchs	ohv-f230-b17	-	No
Operating System	pepperl-fuchs	oit500-f113b17-cb_firmware	≤ 1.3.4	Yes
Hardware	pepperl-fuchs	oit500-f113b17-cb	-	No
Operating System	pepperl-fuchs	pha_firmware	≤ 3.1.5	Yes
Hardware	pepperl-fuchs	pha150-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha150-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha200-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha200-f200a-b17-t-v1d	-	No
Hardware	pepperl-fuchs	pha200-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha300-f200-b17-t-v1d	-	No
Hardware	pepperl-fuchs	pha300-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha300-f200a-b17-t-v1d	-	No
Hardware	pepperl-fuchs	pha300-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha400-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha400-f200a-b17-t-v1d	-	No
Hardware	pepperl-fuchs	pha400-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha500-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha500-f200a-b17-t-v1d	-	No
Hardware	pepperl-fuchs	pha500-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha600-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha600-f200a-b17-v1d	-	No
Hardware	pepperl-fuchs	pha700-f200-b17-v1d	-	No
Hardware	pepperl-fuchs	pha800-f200-b17-v1d	-	No
Operating System	pepperl-fuchs	wcs_firmware	≤ 3.0.0	Yes
Hardware	pepperl-fuchs	wcs3b-ls610	-	No
Hardware	pepperl-fuchs	wcs3b-ls610-om	-	No
Hardware	pepperl-fuchs	wcs3b-ls610d	-	No
Hardware	pepperl-fuchs	wcs3b-ls610d-om	-	No
Hardware	pepperl-fuchs	wcs3b-ls610dh	-	No
Hardware	pepperl-fuchs	wcs3b-ls610dh-om	-	No
Hardware	pepperl-fuchs	wcs3b-ls610h	-	No
Hardware	pepperl-fuchs	wcs3b-ls610h-om	-	No

References

https://cert.vde.com/en-us/advisories/vde-2021-006 Third Party Advisory ([email protected])
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device Vendor Advisory ([email protected])
https://cert.vde.com/en-us/advisories/vde-2021-006 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)