7.5
CVE-2021-27498
- EPSS 1.16%
- Veröffentlicht 12.05.2022 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:58:06
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginEIPStackGroup OpENer Ethernet/IP Reachable Assertion
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Opener Project ≫ Opener Version <= 2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.16% | 0.631 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| ics-cert@hq.dhs.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
https://github.com/EIPStackGroup/OpENer
https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02