VDE-2021-018 — Vulnetix

VDE-2021-018 PUBLISHED CVSS 8.600000381469727 HIGH

Critical vulnerability has been discovered in the utilized components rcX, mbedTLS, PROFINET IO Device and EtherNet/IP Core by Hilscher Gesellschaft für Systemautomation mbH. The impact of the vulnerabilities on the affected device is that it can result in: * Denial of Service (DoS) * Remote Code Execution (RCE) * Code Exposure **Note:** ICE1-8IOL-S2-G60L-V1D (70103603) is not affected by CVE-2021-20986

Risk Scores

CVSS v3.1

8.600000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
	Hardware ICE1-16DIO-G60L-C1-V1D <= F10017
	Hardware ICE1-8DI8DO-G60L-C1-V1D <= F10017
	Hardware ICE1-8IOL-S2-G60L-V1D <= F10017
	Hardware ICE1-16DI-G60L-V1D <= F10017
	Hardware ICE1-8DI8DO-G60L-V1D <= F10017
	Hardware ICE1-8IOL-G60L-V1D <= F10017
	Hardware ICE1-8IOL-G30L-V1D <= F10017
	Hardware ICE1-16DIO-G60L-V1D <= F10017

Timeline

May 12, 2021 CVE Published

References

https://certvde.com/de/advisories/vendor/pepperl+fuchs/ url
https://certvde.com/en/advisories/VDE-2021-018 advisory
https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-018.json advisory

Open in Interactive Console →