Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-27477 (GCVE-0-2021-27477)
Vulnerability from cvelistv5 – Published: 2021-07-01 12:01 – Updated: 2024-08-03 20:48
VLAI
EPSS
Summary
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
Severity
7.5 (High)
CWE
- CWE-119 - IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | JTEKT Corporation TOYOPUC PLC |
Affected:
The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JTEKT Corporation TOYOPUC PLC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-01T12:01:36.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-27477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JTEKT Corporation TOYOPUC PLC",
"version": {
"version_data": [
{
"version_value": "The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27477",
"datePublished": "2021-07-01T12:01:36.000Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:48:17.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-27477",
"date": "2026-06-05",
"epss": "0.00234",
"percentile": "0.4649"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10g-cpu_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.91\", \"matchCriteriaId\": \"22D9DDA3-97E5-4126-A25C-B97CC4E0ECB1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10g-cpu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC86B853-5B5B-4289-9A44-5CE055B043EE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:2port-efr_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.50\", \"matchCriteriaId\": \"C664399E-1234-4B87-A95F-3D3EED021E7E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:2port-efr:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A13F82D-1759-4599-A976-185A13624362\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_cpu_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"A5D1D75E-5D41-4B0E-AF16-6A23E012185F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_cpu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D9F88F4-3DBA-4BCB-B335-792ACD46C41D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_ex_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"F60432C2-5D24-4A00-BF0B-1E658DD7E10C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBBBFB02-98BA-49AA-89EC-5A2A601425F8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_ex2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"90926718-2F18-40AB-8DB5-8D15D66D8396\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_ex2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA38A495-AF65-4819-BEBC-F23A4B8FFA0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_efr_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"FD733D20-E696-4713-9509-AEED02753EF0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_efr:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"466211B5-2205-4C37-ABBC-0C0E089D8C27\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_efr2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"3EC7E293-6A02-405D-8D0F-9D28220463E1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_efr2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AC3C38F-361E-4FF9-B7DE-06B559501DA7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_2p-efr_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.11\", \"matchCriteriaId\": \"E4791655-E74A-4095-8D8F-2C2B4503CC12\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_2p-efr:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46EBD44A-2598-4E62-8A55-A752A64EDE98\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10p-dp_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.50\", \"matchCriteriaId\": \"EE4A9827-4275-4272-9296-FFF0D9E384D4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10p-dp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0B3FDE8-3035-4C51-A182-E51644C7F5F1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10p-dp-io_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.50\", \"matchCriteriaId\": \"207AF20B-B162-4CD9-8232-889E678143FB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10p-dp-io:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7D9B4E8-78A6-437C-8F8C-8D79675BE5CB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:plus_bus-ex_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.13\", \"matchCriteriaId\": \"3811E760-B0AD-40A0-BB1A-B62F9EE428CD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:plus_bus-ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9A82BE9-F39A-47A7-9520-77AAFAA7B32A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:nano_10gx_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.00\", \"matchCriteriaId\": \"E5A4C13D-C002-4333-8C77-F081036F76B3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:nano_10gx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00855C73-B9ED-4FA3-BDCC-48AD3FC48FF9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:nano_2et_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.40\", \"matchCriteriaId\": \"60E21DE9-8377-4B68-AF43-B4B34F966D99\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:nano_2et:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36DC1328-A8C0-4BEC-A645-542F509537F6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10pe_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.02\", \"matchCriteriaId\": \"B6233EC3-DCB8-4791-B8F1-1F5A4CE21A41\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10pe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"100ACE3B-F022-4123-8961-EB347C42D028\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10pe-16\\\\/16p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.02\", \"matchCriteriaId\": \"991DF456-2F99-4C1C-857B-2F2EFF4683C1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10pe-16\\\\/16p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3CDA45F-6A2A-4BDF-9F0D-24EE765C6591\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.02\", \"matchCriteriaId\": \"1982B0CF-4BBB-494F-8A54-1970BC418022\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3FC9555-212D-45FE-94E4-9856A6AC91D2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:fl\\\\/et-t-v2h_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"f2.8_e1.5\", \"matchCriteriaId\": \"223BE690-BD32-48AE-8225-7EA45197136C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:fl\\\\/et-t-v2h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1C90F4A-1BB8-4E8F-B5E1-B3EA43D0FBE7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10b_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.11\", \"matchCriteriaId\": \"C254E232-8DD3-482F-8562-892A0571B084\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4D57AED-D31C-4105-99D8-06742DF7A75C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10b-p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.11\", \"matchCriteriaId\": \"2087D15B-0258-45E8-804A-0FD55290BBE3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10b-p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B8703AC-8F8E-42B9-AAB3-D4F47B46190E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:nano_cpu_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.08\", \"matchCriteriaId\": \"B5EA675C-9EEF-4CA6-9D06-EF4E20FBD4D5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:nano_cpu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98E70744-495C-425D-A8A4-6C421B3253EE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.05\", \"matchCriteriaId\": \"A5DD46C4-4756-4965-A293-174F766B409F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"322AD962-FAF4-4AEE-BFC0-275AEF6F4C67\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:jtekt:pc10ge_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.04\", \"matchCriteriaId\": \"0F2ADB5C-A29F-42F9-81D8-64B4448C996A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:jtekt:pc10ge:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54CA6C5D-D9CB-4E27-AA6B-0276A7499315\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.\"}, {\"lang\": \"es\", \"value\": \"Cuando JTEKT Corporation TOYOPUC PLC versiones PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P y PC10GE reciben una trama no v\\u00e1lida, el \\u00e1rea exterior de un b\\u00fafer de recepci\\u00f3n para FL-net se sobrescribe. Como resultado, la CPU del PLC detecta un error del sistema y los productos afectados se detienen\"}]",
"id": "CVE-2021-27477",
"lastModified": "2024-11-21T05:58:04.313",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-07-01T13:15:08.003",
"references": "[{\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-27477\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2021-07-01T13:15:08.003\",\"lastModified\":\"2024-11-21T05:58:04.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.\"},{\"lang\":\"es\",\"value\":\"Cuando JTEKT Corporation TOYOPUC PLC versiones PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P y PC10GE reciben una trama no v\u00e1lida, el \u00e1rea exterior de un b\u00fafer de recepci\u00f3n para FL-net se sobrescribe. Como resultado, la CPU del PLC detecta un error del sistema y los productos afectados se detienen\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10g-cpu_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.91\",\"matchCriteriaId\":\"22D9DDA3-97E5-4126-A25C-B97CC4E0ECB1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10g-cpu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC86B853-5B5B-4289-9A44-5CE055B043EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:2port-efr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.50\",\"matchCriteriaId\":\"C664399E-1234-4B87-A95F-3D3EED021E7E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:2port-efr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A13F82D-1759-4599-A976-185A13624362\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_cpu_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"A5D1D75E-5D41-4B0E-AF16-6A23E012185F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_cpu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D9F88F4-3DBA-4BCB-B335-792ACD46C41D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_ex_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"F60432C2-5D24-4A00-BF0B-1E658DD7E10C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBBBFB02-98BA-49AA-89EC-5A2A601425F8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_ex2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"90926718-2F18-40AB-8DB5-8D15D66D8396\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_ex2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA38A495-AF65-4819-BEBC-F23A4B8FFA0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_efr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"FD733D20-E696-4713-9509-AEED02753EF0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_efr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"466211B5-2205-4C37-ABBC-0C0E089D8C27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_efr2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"3EC7E293-6A02-405D-8D0F-9D28220463E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_efr2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC3C38F-361E-4FF9-B7DE-06B559501DA7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_2p-efr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"E4791655-E74A-4095-8D8F-2C2B4503CC12\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_2p-efr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46EBD44A-2598-4E62-8A55-A752A64EDE98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10p-dp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.50\",\"matchCriteriaId\":\"EE4A9827-4275-4272-9296-FFF0D9E384D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10p-dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B3FDE8-3035-4C51-A182-E51644C7F5F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10p-dp-io_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.50\",\"matchCriteriaId\":\"207AF20B-B162-4CD9-8232-889E678143FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10p-dp-io:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7D9B4E8-78A6-437C-8F8C-8D79675BE5CB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:plus_bus-ex_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.13\",\"matchCriteriaId\":\"3811E760-B0AD-40A0-BB1A-B62F9EE428CD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:plus_bus-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9A82BE9-F39A-47A7-9520-77AAFAA7B32A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:nano_10gx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.00\",\"matchCriteriaId\":\"E5A4C13D-C002-4333-8C77-F081036F76B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:nano_10gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00855C73-B9ED-4FA3-BDCC-48AD3FC48FF9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:nano_2et_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.40\",\"matchCriteriaId\":\"60E21DE9-8377-4B68-AF43-B4B34F966D99\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:nano_2et:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36DC1328-A8C0-4BEC-A645-542F509537F6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10pe_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.02\",\"matchCriteriaId\":\"B6233EC3-DCB8-4791-B8F1-1F5A4CE21A41\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10pe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"100ACE3B-F022-4123-8961-EB347C42D028\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10pe-16\\\\/16p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.02\",\"matchCriteriaId\":\"991DF456-2F99-4C1C-857B-2F2EFF4683C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10pe-16\\\\/16p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3CDA45F-6A2A-4BDF-9F0D-24EE765C6591\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.02\",\"matchCriteriaId\":\"1982B0CF-4BBB-494F-8A54-1970BC418022\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3FC9555-212D-45FE-94E4-9856A6AC91D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:fl\\\\/et-t-v2h_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"f2.8_e1.5\",\"matchCriteriaId\":\"223BE690-BD32-48AE-8225-7EA45197136C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:fl\\\\/et-t-v2h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C90F4A-1BB8-4E8F-B5E1-B3EA43D0FBE7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11\",\"matchCriteriaId\":\"C254E232-8DD3-482F-8562-892A0571B084\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4D57AED-D31C-4105-99D8-06742DF7A75C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10b-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11\",\"matchCriteriaId\":\"2087D15B-0258-45E8-804A-0FD55290BBE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10b-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B8703AC-8F8E-42B9-AAB3-D4F47B46190E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:nano_cpu_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.08\",\"matchCriteriaId\":\"B5EA675C-9EEF-4CA6-9D06-EF4E20FBD4D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:nano_cpu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98E70744-495C-425D-A8A4-6C421B3253EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.05\",\"matchCriteriaId\":\"A5DD46C4-4756-4965-A293-174F766B409F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"322AD962-FAF4-4AEE-BFC0-275AEF6F4C67\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:jtekt:pc10ge_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.04\",\"matchCriteriaId\":\"0F2ADB5C-A29F-42F9-81D8-64B4448C996A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:jtekt:pc10ge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54CA6C5D-D9CB-4E27-AA6B-0276A7499315\"}]}]}],\"references\":[{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
FKIE_CVE-2021-27477
Vulnerability from fkie_nvd - Published: 2021-07-01 13:15 - Updated: 2024-11-21 05:58
Severity
Summary
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jtekt | pc10g-cpu_firmware | * | |
| jtekt | pc10g-cpu | - | |
| jtekt | 2port-efr_firmware | * | |
| jtekt | 2port-efr | - | |
| jtekt | plus_cpu_firmware | * | |
| jtekt | plus_cpu | - | |
| jtekt | plus_ex_firmware | * | |
| jtekt | plus_ex | - | |
| jtekt | plus_ex2_firmware | * | |
| jtekt | plus_ex2 | - | |
| jtekt | plus_efr_firmware | * | |
| jtekt | plus_efr | - | |
| jtekt | plus_efr2_firmware | * | |
| jtekt | plus_efr2 | - | |
| jtekt | plus_2p-efr_firmware | * | |
| jtekt | plus_2p-efr | - | |
| jtekt | pc10p-dp_firmware | * | |
| jtekt | pc10p-dp | - | |
| jtekt | pc10p-dp-io_firmware | * | |
| jtekt | pc10p-dp-io | - | |
| jtekt | plus_bus-ex_firmware | * | |
| jtekt | plus_bus-ex | - | |
| jtekt | nano_10gx_firmware | * | |
| jtekt | nano_10gx | - | |
| jtekt | nano_2et_firmware | * | |
| jtekt | nano_2et | - | |
| jtekt | pc10pe_firmware | * | |
| jtekt | pc10pe | - | |
| jtekt | pc10pe-16\/16p_firmware | * | |
| jtekt | pc10pe-16\/16p | - | |
| jtekt | pc10e_firmware | * | |
| jtekt | pc10e | - | |
| jtekt | fl\/et-t-v2h_firmware | * | |
| jtekt | fl\/et-t-v2h | - | |
| jtekt | pc10b_firmware | * | |
| jtekt | pc10b | - | |
| jtekt | pc10b-p_firmware | * | |
| jtekt | pc10b-p | - | |
| jtekt | nano_cpu_firmware | * | |
| jtekt | nano_cpu | - | |
| jtekt | pc10p_firmware | * | |
| jtekt | pc10p | - | |
| jtekt | pc10ge_firmware | * | |
| jtekt | pc10ge | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10g-cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22D9DDA3-97E5-4126-A25C-B97CC4E0ECB1",
"versionEndExcluding": "3.91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10g-cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC86B853-5B5B-4289-9A44-5CE055B043EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:2port-efr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C664399E-1234-4B87-A95F-3D3EED021E7E",
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:2port-efr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A13F82D-1759-4599-A976-185A13624362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1D75E-5D41-4B0E-AF16-6A23E012185F",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9F88F4-3DBA-4BCB-B335-792ACD46C41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F60432C2-5D24-4A00-BF0B-1E658DD7E10C",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBBFB02-98BA-49AA-89EC-5A2A601425F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_ex2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90926718-2F18-40AB-8DB5-8D15D66D8396",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_ex2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA38A495-AF65-4819-BEBC-F23A4B8FFA0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_efr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD733D20-E696-4713-9509-AEED02753EF0",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_efr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "466211B5-2205-4C37-ABBC-0C0E089D8C27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_efr2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC7E293-6A02-405D-8D0F-9D28220463E1",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_efr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC3C38F-361E-4FF9-B7DE-06B559501DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_2p-efr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4791655-E74A-4095-8D8F-2C2B4503CC12",
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_2p-efr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46EBD44A-2598-4E62-8A55-A752A64EDE98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10p-dp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4A9827-4275-4272-9296-FFF0D9E384D4",
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10p-dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B3FDE8-3035-4C51-A182-E51644C7F5F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10p-dp-io_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "207AF20B-B162-4CD9-8232-889E678143FB",
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10p-dp-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D9B4E8-78A6-437C-8F8C-8D79675BE5CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:plus_bus-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3811E760-B0AD-40A0-BB1A-B62F9EE428CD",
"versionEndExcluding": "2.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:plus_bus-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A82BE9-F39A-47A7-9520-77AAFAA7B32A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:nano_10gx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A4C13D-C002-4333-8C77-F081036F76B3",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:nano_10gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00855C73-B9ED-4FA3-BDCC-48AD3FC48FF9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:nano_2et_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60E21DE9-8377-4B68-AF43-B4B34F966D99",
"versionEndExcluding": "2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:nano_2et:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36DC1328-A8C0-4BEC-A645-542F509537F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10pe_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6233EC3-DCB8-4791-B8F1-1F5A4CE21A41",
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "100ACE3B-F022-4123-8961-EB347C42D028",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10pe-16\\/16p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "991DF456-2F99-4C1C-857B-2F2EFF4683C1",
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10pe-16\\/16p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CDA45F-6A2A-4BDF-9F0D-24EE765C6591",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1982B0CF-4BBB-494F-8A54-1970BC418022",
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FC9555-212D-45FE-94E4-9856A6AC91D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:fl\\/et-t-v2h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "223BE690-BD32-48AE-8225-7EA45197136C",
"versionEndExcluding": "f2.8_e1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:fl\\/et-t-v2h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C90F4A-1BB8-4E8F-B5E1-B3EA43D0FBE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C254E232-8DD3-482F-8562-892A0571B084",
"versionEndExcluding": "1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D57AED-D31C-4105-99D8-06742DF7A75C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10b-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2087D15B-0258-45E8-804A-0FD55290BBE3",
"versionEndExcluding": "1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10b-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8703AC-8F8E-42B9-AAB3-D4F47B46190E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:nano_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EA675C-9EEF-4CA6-9D06-EF4E20FBD4D5",
"versionEndExcluding": "2.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:nano_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98E70744-495C-425D-A8A4-6C421B3253EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD46C4-4756-4965-A293-174F766B409F",
"versionEndExcluding": "1.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "322AD962-FAF4-4AEE-BFC0-275AEF6F4C67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:jtekt:pc10ge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ADB5C-A29F-42F9-81D8-64B4448C996A",
"versionEndExcluding": "1.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:jtekt:pc10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54CA6C5D-D9CB-4E27-AA6B-0276A7499315",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
},
{
"lang": "es",
"value": "Cuando JTEKT Corporation TOYOPUC PLC versiones PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P y PC10GE reciben una trama no v\u00e1lida, el \u00e1rea exterior de un b\u00fafer de recepci\u00f3n para FL-net se sobrescribe. Como resultado, la CPU del PLC detecta un error del sistema y los productos afectados se detienen"
}
],
"id": "CVE-2021-27477",
"lastModified": "2024-11-21T05:58:04.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-01T13:15:08.003",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-XQPG-RJJG-58Q9
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-10-08 00:00
VLAI
Details
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2021-27477"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-01T13:15:00Z",
"severity": "HIGH"
},
"details": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.",
"id": "GHSA-xqpg-rjjg-58q9",
"modified": "2022-10-08T00:00:21Z",
"published": "2022-05-24T19:06:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27477"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-27477
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-27477",
"description": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.",
"id": "GSD-2021-27477"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-27477"
],
"details": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.",
"id": "GSD-2021-27477",
"modified": "2023-12-13T01:23:35.954275Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-27477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JTEKT Corporation TOYOPUC PLC",
"version": {
"version_data": [
{
"version_value": "The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10g-cpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.91",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10g-cpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:2port-efr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:2port-efr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_cpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_cpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_ex_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_ex:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_ex2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_ex2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_efr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_efr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_efr2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_efr2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_2p-efr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_2p-efr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10p-dp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10p-dp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10p-dp-io_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10p-dp-io:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:plus_bus-ex_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:plus_bus-ex:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:nano_10gx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:nano_10gx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:nano_2et_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:nano_2et:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10pe_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10pe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10pe-16\\/16p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10pe-16\\/16p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:fl\\/et-t-v2h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f2.8_e1.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:fl\\/et-t-v2h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10b-p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10b-p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:nano_cpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:nano_cpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.05",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:jtekt:pc10ge_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:jtekt:pc10ge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-27477"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-10-07T19:16Z",
"publishedDate": "2021-07-01T13:15Z"
}
}
}
ICSA-21-180-04
Vulnerability from csaf_cisa - Published: 2021-06-29 00:00 - Updated: 2021-06-29 00:00Summary
JTEKT TOYOPUC PLC
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of this vulnerability could crash the device being accessed.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Japan
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability: No known public exploits specifically target this vulnerability.
6.5 (Medium)
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Plus 2P-EFR: All Versions
JTEKT Corporation / Plus 2P-EFR
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus EFR: All Versions
JTEKT Corporation / Plus EFR
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10GE: All Versions
JTEKT Corporation / PC10GE
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Nano 2ET: All Versions
JTEKT Corporation / Nano 2ET
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10E: All Versions
JTEKT Corporation / PC10E
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Nano CPU: All Versions
JTEKT Corporation / Nano CPU
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus EX: All Versions
JTEKT Corporation / Plus EX
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus CPU: All Versions
JTEKT Corporation / Plus CPU
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10G-CPU: All Versions
JTEKT Corporation / PC10G-CPU
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
FL/ET-T-V2H: All Versions
JTEKT Corporation / FL/ET-T-V2H
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10PE: All Versions
JTEKT Corporation / PC10PE
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10B-P: All Versions
JTEKT Corporation / PC10B-P
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10P: All Versions
JTEKT Corporation / PC10P
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
2PORT-EFR: All Versions
JTEKT Corporation / 2PORT-EFR
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10B: All Versions
JTEKT Corporation / PC10B
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus EX2: All Versions
JTEKT Corporation / Plus EX2
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus BUS-EX: All Versions
JTEKT Corporation / Plus BUS-EX
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10P-DP-IO: All Versions
JTEKT Corporation / PC10P-DP-IO
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10PE-16/16P: All Versions
JTEKT Corporation / PC10PE-16/16P
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Plus EFR2: All Versions
JTEKT Corporation / Plus EFR2
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
Nano 10GX: All Versions
JTEKT Corporation / Nano 10GX
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
|
|
PC10P-DP: All Versions
JTEKT Corporation / PC10P-DP
|
vers:all/* |
Mitigation
Mitigation
Vendor Fix
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
|
References
6 references
Acknowledgments
TXOne Networks
Chris Yang
Trend Micro 's Zero Day Initiative
{
"document": {
"acknowledgments": [
{
"names": [
"Chris Yang"
],
"organization": "TXOne Networks",
"summary": "reporting this vulnerability to CISA"
},
{
"organization": "Trend Micro \u0027s Zero Day Initiative",
"summary": "reporting this vulnerability to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could crash the device being accessed.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-180-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-180-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-180-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-180-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "JTEKT TOYOPUC PLC",
"tracking": {
"current_release_date": "2021-06-29T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-180-04",
"initial_release_date": "2021-06-29T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-06-29T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-180-04 JTEKT TOYOPUC PLC"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus 2P-EFR: All Versions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Plus 2P-EFR"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus EFR: All Versions",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Plus EFR"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10GE: All Versions",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "PC10GE"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Nano 2ET: All Versions",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Nano 2ET"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10E: All Versions",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "PC10E"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Nano CPU: All Versions",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Nano CPU"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus EX: All Versions",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Plus EX"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus CPU: All Versions",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Plus CPU"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10G-CPU: All Versions",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "PC10G-CPU"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "FL/ET-T-V2H: All Versions",
"product_id": "CSAFPID-00010"
}
}
],
"category": "product_name",
"name": "FL/ET-T-V2H"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10PE: All Versions",
"product_id": "CSAFPID-00011"
}
}
],
"category": "product_name",
"name": "PC10PE"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10B-P: All Versions",
"product_id": "CSAFPID-00012"
}
}
],
"category": "product_name",
"name": "PC10B-P"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10P: All Versions",
"product_id": "CSAFPID-00013"
}
}
],
"category": "product_name",
"name": "PC10P"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "2PORT-EFR: All Versions",
"product_id": "CSAFPID-00014"
}
}
],
"category": "product_name",
"name": "2PORT-EFR"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10B: All Versions",
"product_id": "CSAFPID-00015"
}
}
],
"category": "product_name",
"name": "PC10B"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus EX2: All Versions",
"product_id": "CSAFPID-00016"
}
}
],
"category": "product_name",
"name": "Plus EX2"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus BUS-EX: All Versions",
"product_id": "CSAFPID-00017"
}
}
],
"category": "product_name",
"name": "Plus BUS-EX"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10P-DP-IO: All Versions",
"product_id": "CSAFPID-00018"
}
}
],
"category": "product_name",
"name": "PC10P-DP-IO"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10PE-16/16P: All Versions",
"product_id": "CSAFPID-00019"
}
}
],
"category": "product_name",
"name": "PC10PE-16/16P"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Plus EFR2: All Versions",
"product_id": "CSAFPID-00020"
}
}
],
"category": "product_name",
"name": "Plus EFR2"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Nano 10GX: All Versions",
"product_id": "CSAFPID-00021"
}
}
],
"category": "product_name",
"name": "Nano 10GX"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "PC10P-DP: All Versions",
"product_id": "CSAFPID-00022"
}
}
],
"category": "product_name",
"name": "PC10P-DP"
}
],
"category": "vendor",
"name": "JTEKT Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27477",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "When the affected products receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.CVE-2021-27477 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-327477"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PC10G-CPU: Versions 3.91 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "2PORT-EFR: Versions 1.50 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "vendor_fix",
"details": "PC10P-DP: Versions 1.50 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "vendor_fix",
"details": "PC10P-DP-IO: Versions 1.50 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Nano 10GX: Versions 3.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Nano 2ET: Versions 2.40 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10PE: Versions 1.02 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10PE-16/16P: Versions 1.02 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10E: Versions 1.12 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "FL/ET-T-V2H: Versions F2.8 E1.5 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10B: Versions 1.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10B-P: Versions 1.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Nano CPU: Versions 2.08 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10P: Versions 1.05 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "PC10GE: Versions 1.04 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus CPU: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus EX: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus EX2: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus EFR: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus EFR2: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus 2P-EFR: Versions 3.11 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Plus BUS-EX: Version 2.13 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "There is no need to update Plus series expansion boards. If you use a Plus series expansion board, update Plus CPU or Plus BUS-EX to which the expansion board is connected.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "For firmware updates, visit the JTEKT website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
],
"url": "https://form.k3r.jp/jtektmt/inquiry7e"
},
{
"category": "mitigation",
"details": "As a general security measure, JTEKT Corporation recommends users only build networks with trusted FL-net products.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
},
{
"category": "mitigation",
"details": "Requests for additional information can be sent to JTEKT Corporation via website form.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
],
"url": "https://form.k3r.jp/jtektmt/inquiry7e"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022"
]
}
]
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…