// For flags

CVE-2021-22288

SECURITY – Denial of Service Vulnerabilities in SPIET800 INFI-Net to Ethernet Transfer module and PNI800 S+ Ethernet communication interface module

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.

Una vulnerabilidad de Comprobación de Entrada Inapropiada en el módulo ABB SPIET800 y PNI800 permite a un atacante causar la denegación de servicio o causar que el módulo no responda

*Credits: ABB thanks Lance Lamont from Verve Industrial Protection and Ron Brash from Verve Industrial Protection/aDolus Technology Inc. helping to identify the vulnerabilities and protecting our customers.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-05 CVE Reserved
  • 2022-02-04 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-10-20 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Abb
Search vendor "Abb"
Pni800 Firmware
Search vendor "Abb" for product "Pni800 Firmware"
<= a_b
Search vendor "Abb" for product "Pni800 Firmware" and version " <= a_b"
-
Affected
in Abb
Search vendor "Abb"
Pni800
Search vendor "Abb" for product "Pni800"
--
Safe
Abb
Search vendor "Abb"
Spiet800 Firmware
Search vendor "Abb" for product "Spiet800 Firmware"
<= a_b
Search vendor "Abb" for product "Spiet800 Firmware" and version " <= a_b"
-
Affected
in Abb
Search vendor "Abb"
Spiet800
Search vendor "Abb" for product "Spiet800"
--
Safe