CVE-2021-20986

Hilscher: Denial of Service vulnerability in PROFINET IO Device

CVSS 7.5 HIGHEPSS 1.0%CWE-787

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.5EPSS 1.0%KEV nãoPoC —Patch —

Lifecycle

Feb 16, 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Hilscher · PROFINET IO Device Pepper+Fuchs · OHV Pepper+Fuchs · OIT Pepper+Fuchs · PCV/PXV/PGV Pepper+Fuchs · PHA Pepper+Fuchs · PXV/PGV B28 Profisafe Pepper+Fuchs · WCS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert.vde.com/en-us/advisories/vde-2021-006 https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device