github - ghsa-473m-ppf7-95wq

GHSA-473M-PPF7-95WQ

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02

Details

In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-20988"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-13T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.",
  "id": "GHSA-473m-ppf7-95wq",
  "modified": "2022-05-24T19:02:22Z",
  "published": "2022-05-24T19:02:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20988"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/de-de/advisories/vde-2021-018"
    },
    {
      "type": "WEB",
      "url": "https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-20988 (GCVE-0-2021-20988)

Vulnerability from cvelistv5 – Published: 2021-05-13 13:45 – Updated: 2024-09-16 17:49

Title

Hilscher rcX RTOS: Wrong handling of the UDP checksum

Summary

In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.

Severity ?

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

CERTVDE

References

URL

Tags

	https://kb.hilscher.com/display/ISMS/2019-04-10+W…	x_refsource_CONFIRM
	https://cert.vde.com/de-de/advisories/vde-2021-018	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Hilscher

rcX RTOS

Affected: unspecified , < V2.1.14.1 (custom)

	Pepperl+Fuchs	Ethernet IO Modules ICE1-16	Affected: ICE1-16DI-G60L-V1D , ≤ F10017 (custom) Affected: ICE1-16DIO-G60L-C1-V1D , ≤ F10017 (custom) Affected: ICE1-16DIO-G60L-V1D , ≤ F10017 (custom)
	Pepperl+Fuchs	Ethernet IO Modules ICE1-8	Affected: ICE1-8DI8DO-G60L-C1-V1D , ≤ F10017 (custom) Affected: ICE1-8DI8DO-G60L-V1D , ≤ F10017 (custom) Affected: ICE1-8IOL-G30L-V1D , ≤ F10017 (custom) Affected: ICE1-8IOL-G60L-V1D , ≤ F10017 (custom) Affected: ICE1-8IOL-S2-G60L-V1D , ≤ F10017 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:53:23.157Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/de-de/advisories/vde-2021-018"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "rcX RTOS",
          "vendor": "Hilscher",
          "versions": [
            {
              "lessThan": "V2.1.14.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Ethernet IO Modules ICE1-16",
          "vendor": "Pepperl+Fuchs",
          "versions": [
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-16DI-G60L-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-16DIO-G60L-C1-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-16DIO-G60L-V1D",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Ethernet IO Modules ICE1-8",
          "vendor": "Pepperl+Fuchs",
          "versions": [
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-8DI8DO-G60L-C1-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-8DI8DO-G60L-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-8IOL-G30L-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-8IOL-G60L-V1D",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "F10017",
              "status": "affected",
              "version": "ICE1-8IOL-S2-G60L-V1D",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-13T13:45:24",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/de-de/advisories/vde-2021-018"
        }
      ],
      "source": {
        "advisory": "vde-2021-018",
        "defect": [
          "vde-2021-018"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Hilscher rcX RTOS: Wrong handling of the UDP checksum",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-02-15T13:00:00.000Z",
          "ID": "CVE-2021-20988",
          "STATE": "PUBLIC",
          "TITLE": "Hilscher rcX RTOS: Wrong handling of the UDP checksum"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "rcX RTOS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "V2.1.14.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Hilscher"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ethernet IO Modules ICE1-16",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-16DI-G60L-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-16DIO-G60L-C1-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-16DIO-G60L-V1D",
                            "version_value": "F10017"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Ethernet IO Modules ICE1-8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-8DI8DO-G60L-C1-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-8DI8DO-G60L-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-8IOL-G30L-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-8IOL-G60L-V1D",
                            "version_value": "F10017"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "ICE1-8IOL-S2-G60L-V1D",
                            "version_value": "F10017"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Pepperl+Fuchs"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum",
              "refsource": "CONFIRM",
              "url": "https://kb.hilscher.com/display/ISMS/2019-04-10+Wrong+handling+of+the+UDP+checksum"
            },
            {
              "name": "https://cert.vde.com/de-de/advisories/vde-2021-018",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/de-de/advisories/vde-2021-018"
            }
          ]
        },
        "source": {
          "advisory": "vde-2021-018",
          "defect": [
            "vde-2021-018"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-20988",
    "datePublished": "2021-05-13T13:45:24.410430Z",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-09-16T17:49:09.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-473M-PPF7-95WQ

CVE-2021-20988 (GCVE-0-2021-20988)

Tags

Sightings

Nomenclature