Vulnerability-Lookup

ICSA-21-180-04

Vulnerability from csaf_cisa - Published: 2021-06-29 00:00 - Updated: 2021-06-29 00:00

Summary

JTEKT TOYOPUC PLC

Notes

CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation: Successful exploitation of this vulnerability could crash the device being accessed.

Critical infrastructure sectors: Critical Manufacturing

Countries/areas deployed: Worldwide

Company headquarters location: Japan

Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability: No known public exploits specifically target this vulnerability.

CVE-2021-27477

6.5 (Medium)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 22 products

Product	Version	Remediation
Plus 2P-EFR: All Versions JTEKT Corporation / Plus 2P-EFR	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus EFR: All Versions JTEKT Corporation / Plus EFR	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10GE: All Versions JTEKT Corporation / PC10GE	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Nano 2ET: All Versions JTEKT Corporation / Nano 2ET	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10E: All Versions JTEKT Corporation / PC10E	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Nano CPU: All Versions JTEKT Corporation / Nano CPU	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus EX: All Versions JTEKT Corporation / Plus EX	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus CPU: All Versions JTEKT Corporation / Plus CPU	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10G-CPU: All Versions JTEKT Corporation / PC10G-CPU	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
FL/ET-T-V2H: All Versions JTEKT Corporation / FL/ET-T-V2H	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10PE: All Versions JTEKT Corporation / PC10PE	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10B-P: All Versions JTEKT Corporation / PC10B-P	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10P: All Versions JTEKT Corporation / PC10P	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
2PORT-EFR: All Versions JTEKT Corporation / 2PORT-EFR	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10B: All Versions JTEKT Corporation / PC10B	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus EX2: All Versions JTEKT Corporation / Plus EX2	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus BUS-EX: All Versions JTEKT Corporation / Plus BUS-EX	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10P-DP-IO: All Versions JTEKT Corporation / PC10P-DP-IO	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10PE-16/16P: All Versions JTEKT Corporation / PC10PE-16/16P	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Plus EFR2: All Versions JTEKT Corporation / Plus EFR2	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
Nano 10GX: All Versions JTEKT Corporation / Nano 10GX	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix
PC10P-DP: All Versions JTEKT Corporation / PC10P-DP	vers:all/*	Mitigation Mitigation Vendor Fix Vendor Fix Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix Mitigation Mitigation fix

References

6 references

URL	Category
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://us-cert.cisa.gov/sites/default/files/reco…	external
https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B	external
http://web.nvd.nist.gov/view/vuln/detail?vulnId=C…	external
https://www.first.org/cvss/calculator/3.0#CVSS:3.…	external

Acknowledgments

TXOne Networks Chris Yang

Trend Micro 's Zero Day Initiative

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Chris Yang"
        ],
        "organization": "TXOne Networks",
        "summary": "reporting this vulnerability to CISA"
      },
      {
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could crash the device being accessed.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-180-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-180-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-180-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-180-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "JTEKT TOYOPUC PLC",
    "tracking": {
      "current_release_date": "2021-06-29T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-21-180-04",
      "initial_release_date": "2021-06-29T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2021-06-29T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-21-180-04 JTEKT TOYOPUC PLC"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus 2P-EFR: All Versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus 2P-EFR"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus EFR: All Versions",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus EFR"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10GE: All Versions",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10GE"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Nano 2ET: All Versions",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Nano 2ET"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10E: All Versions",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10E"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Nano CPU: All Versions",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "Nano CPU"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus EX: All Versions",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus EX"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus CPU: All Versions",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus CPU"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10G-CPU: All Versions",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10G-CPU"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "FL/ET-T-V2H: All Versions",
                  "product_id": "CSAFPID-00010"
                }
              }
            ],
            "category": "product_name",
            "name": "FL/ET-T-V2H"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10PE: All Versions",
                  "product_id": "CSAFPID-00011"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10PE"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10B-P: All Versions",
                  "product_id": "CSAFPID-00012"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10B-P"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10P: All Versions",
                  "product_id": "CSAFPID-00013"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10P"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "2PORT-EFR: All Versions",
                  "product_id": "CSAFPID-00014"
                }
              }
            ],
            "category": "product_name",
            "name": "2PORT-EFR"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10B: All Versions",
                  "product_id": "CSAFPID-00015"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10B"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus EX2: All Versions",
                  "product_id": "CSAFPID-00016"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus EX2"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus BUS-EX: All Versions",
                  "product_id": "CSAFPID-00017"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus BUS-EX"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10P-DP-IO: All Versions",
                  "product_id": "CSAFPID-00018"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10P-DP-IO"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10PE-16/16P: All Versions",
                  "product_id": "CSAFPID-00019"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10PE-16/16P"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Plus EFR2: All Versions",
                  "product_id": "CSAFPID-00020"
                }
              }
            ],
            "category": "product_name",
            "name": "Plus EFR2"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Nano 10GX: All Versions",
                  "product_id": "CSAFPID-00021"
                }
              }
            ],
            "category": "product_name",
            "name": "Nano 10GX"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "PC10P-DP: All Versions",
                  "product_id": "CSAFPID-00022"
                }
              }
            ],
            "category": "product_name",
            "name": "PC10P-DP"
          }
        ],
        "category": "vendor",
        "name": "JTEKT Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-27477",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When the affected products receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.CVE-2021-27477 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-327477"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "PC10G-CPU: Versions 3.91 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "2PORT-EFR: Versions 1.50 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "PC10P-DP: Versions 1.50 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "PC10P-DP-IO: Versions 1.50 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Nano 10GX: Versions 3.00 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Nano 2ET: Versions 2.40 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10PE: Versions 1.02 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10PE-16/16P: Versions 1.02 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10E: Versions 1.12 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "FL/ET-T-V2H: Versions F2.8 E1.5 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10B: Versions 1.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10B-P: Versions 1.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Nano CPU: Versions 2.08 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10P: Versions 1.05 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "PC10GE: Versions 1.04 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus CPU: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus EX: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus EX2: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus EFR: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus EFR2: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus 2P-EFR: Versions 3.11 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Plus BUS-EX: Version 2.13 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "There is no need to update Plus series expansion boards. If you use a Plus series expansion board, update Plus CPU or Plus BUS-EX to which the expansion board is connected.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For firmware updates, visit the JTEKT website.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ],
          "url": "https://form.k3r.jp/jtektmt/inquiry7e"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, JTEKT Corporation recommends users only build networks with trusted FL-net products.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Requests for additional information can be sent to JTEKT Corporation via website form.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ],
          "url": "https://form.k3r.jp/jtektmt/inquiry7e"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022"
          ]
        }
      ]
    }
  ]
}

CVE-2021-27477 (GCVE-0-2021-27477)

Vulnerability from cvelistv5 – Published: 2021-07-01 12:01 – Updated: 2024-08-03 20:48

Summary

When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.

Severity

No CVSS data available.

CWE

CWE-119 - IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

Assigner

icscert

References

1 reference

URL	Tags
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
n/a	JTEKT Corporation TOYOPUC PLC	Affected: The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:17.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "JTEKT Corporation TOYOPUC PLC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-01T12:01:36.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2021-27477",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "JTEKT Corporation TOYOPUC PLC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "The following versions of the PLC are affected: PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, PC10GE."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-27477",
    "datePublished": "2021-07-01T12:01:36.000Z",
    "dateReserved": "2021-02-19T00:00:00.000Z",
    "dateUpdated": "2024-08-03T20:48:17.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

ICSA-21-180-04

CVE-2021-27477 (GCVE-0-2021-27477)

Tags

Sightings

Nomenclature