VDE-2020-050 | CERT@VDE

2021-02-15 14:33 (CET) VDE-2020-050

Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service

Share: Email | Twitter

ID

VDE-2020-050

Published

2021-02-15 14:33 (CET)

Last update

2021-02-15 14:33 (CET)

Vendor(s)

Pepperl+Fuchs SE

Product(s)

Article No°	Product Name	Affected Version(s)
	IC-KP2-1HB17-2V1D	<= 18-31766H
	IC-KP2-2HB17-2V1D	<= 18-31440H
	IC-KP-B17-AIDA1	<= 18-31785F

Summary

Critical vulnerability has been discovered in the utilized component 499ES EtherNet/IP Stack by Real Time Automation (RTA).

CVE ID

CVE-2020-25159

Last Update:

March 4, 2021, 1:05 p.m.

Severity

9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Weakness

Stack-based Buffer Overflow (CWE-121)

Summary

499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.

Details

nvd.nist.gov

Impact

Pepperl+Fuchs analyzed and identified affected devices.
Remote attackers may exploit the vulnerability sending specially crafted packages that may result in a denial-of-service condition or code execution.

Solution

Mitigation

An external protective measure is required.

Minimize network exposure for affected products and ensure that they are not accessible via the Internet.
Isolate affected products from the corporate network.
If remote access is required, use secure methods such as virtual private networks (VPNs).

Reported by

Sharon Brizinov of Claroty reported this vulnerability to CISA.
Coordinated by CERT@VDE