CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2021-20988 – Hilscher rcX RTOS: Wrong handling of the UDP checksum
https://notcve.org/view.php?id=CVE-2021-20988
In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device. En Hilscher rcX RTOS versiones anteriores a V2.1.14.1, la longitud real del paquete UDP no es verificado con la longitud indicada por el paquete. Esto puede resultar a una denegación de servicio del dispositivo afectado • https://cert.vde.com/de-de/advisories/vde-2021-018 https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 23EXPL: 0CVE-2021-20987 – Hilscher: EtherNet/IP stack crash for specific CIP service
https://notcve.org/view.php?id=CVE-2021-20987
A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery. Se encontró una vulnerabilidad de denegación de servicio y corrupción de memoria en Hilscher EtherNet/IP Core versiones V2 anteriores a V2.13.0.21, que puede conllevar a una inyección de código a través de la red o hacer que los dispositivos se bloqueen sin recuperación • https://cert.vde.com/en-us/advisories/vde-2021-007 https://kb.hilscher.com/pages/viewpage.action?pageId=108969480 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 73EXPL: 0CVE-2021-20986 – Hilscher: Denial of Service vulnerability in PROFINET IO Device
https://notcve.org/view.php?id=CVE-2021-20986
A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication. Se encontró una vulnerabilidad de Denegación de Servicio en Hilscher PROFINET IO Device versiones V3 anteriores a V3.14.0.7. Esto puede conllevar a una pérdida inesperada de la comunicación cíclica o a una interrupción de la comunicación acíclica • https://cert.vde.com/en-us/advisories/vde-2021-006 https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device • CWE-787: Out-of-bounds Write •