Severe Bugs Identified in EtherNet/IP Stack for Industrial Systems!

The United States Cybersecurity and Infrastructure Security Agency (CISA) published an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that may expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution.

OpENer versions and commits before 10 February 2021 are affected, and there are no known public exploits that target these vulnerabilities. Four of the security flaws were discovered by experts and identified by CISA, and the fifth security bug, discovered by Claroty, was also identified by Cisco Talos as CVE-2020-13556 on 2 December 2020.

Severe Bugs Reported in EtherNet/IP Stack for Organizations!

An attacker only needs to send crafted ENIP/CIP packets to the device to exploit these vulnerabilities. CVE-2020-13556 is an out-of-bounds write vulnerability in the EtherNet/IP server that may allow attackers to trigger remote code execution by sending a series of specially crafted network requests. It is rated 9.8 out of 10 in severity.

Meanwhile, the other four bugs, identified by EIP StackGroup and the researchers of the OpENer stack in October 2020, are listed below:

  • CVE-2021-27478 (CVSS score: 8.2) – A bug in Common Industrial Protocol handling that leads to a DoS condition.
  • CVE-2021-27482 (CVSS score: 7.5) – An out-of-bounds read bug that can be leveraged with specially crafted packets to access arbitrary data from memory.
  • CVE-2021-27500 and CVE-2021-27498 (CVSS score: 7.5) – Two assertion vulnerabilities that can be exploited to result in a DoS condition.
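Out-of-bounds reads and writes in packet parsers are generally prevented by checking every length field against the bytes actually received. The following is an added example, not OpENer's code and not the fix for any of the CVEs above: a bounds-checked parse of the 24-byte EtherNet/IP encapsulation header in C. All function, type and constant names are hypothetical, and the sample frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define ENIP_HEADER_LEN 24u /* command, length, session, status, context, options */

typedef enum { ENIP_OK, ENIP_TRUNCATED, ENIP_LENGTH_MISMATCH, ENIP_UNKNOWN_COMMAND } enip_result;

typedef struct {
    uint16_t command;
    uint16_t length;         /* bytes of command data after the header */
    uint32_t session_handle;
    const uint8_t *data;     /* points into the caller's buffer; valid only on ENIP_OK */
} enip_header;

/* Constructed sample: RegisterSession request (command 0x0065, 4 data bytes, protocol version 1). */
const uint8_t enip_sample_register_session[28] = { [0] = 0x65, [2] = 0x04, [24] = 0x01 };

/* Little-endian readers; the caller has already checked that the bytes exist. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Common encapsulation commands; extend the list to match what the deployment uses. */
static int enip_known_command(uint16_t c) {
    switch (c) {
    case 0x0000: case 0x0004: case 0x0063: case 0x0064: /* NOP, ListServices, ListIdentity, ListInterfaces */
    case 0x0065: case 0x0066: case 0x006F: case 0x0070: /* (Un)RegisterSession, SendRRData, SendUnitData */
        return 1;
    default:
        return 0;
    }
}

/* Parse one complete frame (a datagram, or one message after TCP reassembly). */
enip_result enip_parse_header(const uint8_t *buf, size_t received, enip_header *out) {
    if (buf == NULL || out == NULL || received < ENIP_HEADER_LEN)
        return ENIP_TRUNCATED;        /* never read header fields that were not received */
    out->data = NULL;
    out->command = rd16(buf);
    out->length = rd16(buf + 2);
    out->session_handle = rd32(buf + 4);
    if ((size_t)out->length != received - ENIP_HEADER_LEN)
        return ENIP_LENGTH_MISMATCH;  /* declared length must equal the bytes actually present */
    if (!enip_known_command(out->command))
        return ENIP_UNKNOWN_COMMAND;
    out->data = buf + ENIP_HEADER_LEN;
    return ENIP_OK;
}
```

A frame whose declared length disagrees with the received byte count is rejected before any command handler touches `data`, so later code can index up to `length` bytes safely.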

Vendors using the OpENer stack should also update to the latest version and take protective measures: minimize network exposure of all control devices to the internet, isolate them from the organization network, and erect firewall barriers.

Remaining Up

This is the first time security issues have been treated in EtherNet/IP stacks. In November, a security researcher also said that critical vulnerabilities uncovered in Real-Time Automation's 499ES EtherNet/IP stack could expose industrial control systems to remote attacks by adversaries.
