CVE-2021-27477
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
Cuando JTEKT Corporation TOYOPUC PLC versiones PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P y PC10GE reciben una trama no válida, el área exterior de un búfer de recepción para FL-net se sobrescribe. Como resultado, la CPU del PLC detecta un error del sistema y los productos afectados se detienen
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-02-19 CVE Reserved
- 2021-07-01 CVE Published
- 2024-03-16 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Jtekt Search vendor "Jtekt" | Pc10g-cpu Firmware Search vendor "Jtekt" for product "Pc10g-cpu Firmware" | < 3.91 Search vendor "Jtekt" for product "Pc10g-cpu Firmware" and version " < 3.91" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10g-cpu Search vendor "Jtekt" for product "Pc10g-cpu" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | 2port-efr Firmware Search vendor "Jtekt" for product "2port-efr Firmware" | < 1.50 Search vendor "Jtekt" for product "2port-efr Firmware" and version " < 1.50" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | 2port-efr Search vendor "Jtekt" for product "2port-efr" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Cpu Firmware Search vendor "Jtekt" for product "Plus Cpu Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus Cpu Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Cpu Search vendor "Jtekt" for product "Plus Cpu" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Ex Firmware Search vendor "Jtekt" for product "Plus Ex Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus Ex Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Ex Search vendor "Jtekt" for product "Plus Ex" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Ex2 Firmware Search vendor "Jtekt" for product "Plus Ex2 Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus Ex2 Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Ex2 Search vendor "Jtekt" for product "Plus Ex2" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Efr Firmware Search vendor "Jtekt" for product "Plus Efr Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus Efr Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Efr Search vendor "Jtekt" for product "Plus Efr" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Efr2 Firmware Search vendor "Jtekt" for product "Plus Efr2 Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus Efr2 Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Efr2 Search vendor "Jtekt" for product "Plus Efr2" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus 2p-efr Firmware Search vendor "Jtekt" for product "Plus 2p-efr Firmware" | < 3.11 Search vendor "Jtekt" for product "Plus 2p-efr Firmware" and version " < 3.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus 2p-efr Search vendor "Jtekt" for product "Plus 2p-efr" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10p-dp Firmware Search vendor "Jtekt" for product "Pc10p-dp Firmware" | < 1.50 Search vendor "Jtekt" for product "Pc10p-dp Firmware" and version " < 1.50" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10p-dp Search vendor "Jtekt" for product "Pc10p-dp" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10p-dp-io Firmware Search vendor "Jtekt" for product "Pc10p-dp-io Firmware" | < 1.50 Search vendor "Jtekt" for product "Pc10p-dp-io Firmware" and version " < 1.50" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10p-dp-io Search vendor "Jtekt" for product "Pc10p-dp-io" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Plus Bus-ex Firmware Search vendor "Jtekt" for product "Plus Bus-ex Firmware" | < 2.13 Search vendor "Jtekt" for product "Plus Bus-ex Firmware" and version " < 2.13" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Plus Bus-ex Search vendor "Jtekt" for product "Plus Bus-ex" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Nano 10gx Firmware Search vendor "Jtekt" for product "Nano 10gx Firmware" | < 3.00 Search vendor "Jtekt" for product "Nano 10gx Firmware" and version " < 3.00" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Nano 10gx Search vendor "Jtekt" for product "Nano 10gx" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Nano 2et Firmware Search vendor "Jtekt" for product "Nano 2et Firmware" | < 2.40 Search vendor "Jtekt" for product "Nano 2et Firmware" and version " < 2.40" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Nano 2et Search vendor "Jtekt" for product "Nano 2et" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10pe Firmware Search vendor "Jtekt" for product "Pc10pe Firmware" | < 1.02 Search vendor "Jtekt" for product "Pc10pe Firmware" and version " < 1.02" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10pe Search vendor "Jtekt" for product "Pc10pe" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10pe-16\/16p Firmware Search vendor "Jtekt" for product "Pc10pe-16\/16p Firmware" | < 1.02 Search vendor "Jtekt" for product "Pc10pe-16\/16p Firmware" and version " < 1.02" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10pe-16\/16p Search vendor "Jtekt" for product "Pc10pe-16\/16p" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10e Firmware Search vendor "Jtekt" for product "Pc10e Firmware" | < 1.02 Search vendor "Jtekt" for product "Pc10e Firmware" and version " < 1.02" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10e Search vendor "Jtekt" for product "Pc10e" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Fl\/et-t-v2h Firmware Search vendor "Jtekt" for product "Fl\/et-t-v2h Firmware" | < f2.8_e1.5 Search vendor "Jtekt" for product "Fl\/et-t-v2h Firmware" and version " < f2.8_e1.5" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Fl\/et-t-v2h Search vendor "Jtekt" for product "Fl\/et-t-v2h" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10b Firmware Search vendor "Jtekt" for product "Pc10b Firmware" | < 1.11 Search vendor "Jtekt" for product "Pc10b Firmware" and version " < 1.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10b Search vendor "Jtekt" for product "Pc10b" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10b-p Firmware Search vendor "Jtekt" for product "Pc10b-p Firmware" | < 1.11 Search vendor "Jtekt" for product "Pc10b-p Firmware" and version " < 1.11" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10b-p Search vendor "Jtekt" for product "Pc10b-p" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Nano Cpu Firmware Search vendor "Jtekt" for product "Nano Cpu Firmware" | < 2.08 Search vendor "Jtekt" for product "Nano Cpu Firmware" and version " < 2.08" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Nano Cpu Search vendor "Jtekt" for product "Nano Cpu" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10p Firmware Search vendor "Jtekt" for product "Pc10p Firmware" | < 1.05 Search vendor "Jtekt" for product "Pc10p Firmware" and version " < 1.05" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10p Search vendor "Jtekt" for product "Pc10p" | - | - |
Safe
|
| Jtekt Search vendor "Jtekt" | Pc10ge Firmware Search vendor "Jtekt" for product "Pc10ge Firmware" | < 1.04 Search vendor "Jtekt" for product "Pc10ge Firmware" and version " < 1.04" | - |
Affected
| in | Jtekt Search vendor "Jtekt" | Pc10ge Search vendor "Jtekt" for product "Pc10ge" | - | - |
Safe
|