CVE-2021-20986
moderate-risk
Published 2021-02-16
A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
Do I need to act?
-
0.47% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Profinet Io Device Firmware
Pgv100-F200A-B17-V1D Firmware
Pgv150I-F200A-B17-V1D Firmware
Pgv100-F200-B17-V1D-7477 Firmware
Pxv100-F200-B17-V1D Firmware
Pxv100-F200-B17-V1D-3636 Firmware
Pcv80-F200-B17-V1D Firmware
Pcv100-F200-B17-V1D Firmware
Pcv50-F200-B17-V1D Firmware
Pcv100-F200-B17-V1D-6011-6997 Firmware
Pcv100-F200-B17-V1D-6011 Firmware
Pcv100-F200-B17-V1D-6011-8203 Firmware
Pxv100A-F200-B28-V1D Firmware
Pxv100A-F200-B28-V1D-6011 Firmware
Pgv100A-F200-B28-V1D Firmware
Pgv100A-F200A-B28-V1D Firmware
Pgv100Aq-F200A-B28-V1D Firmware
Pgv100Aq-F200-B28-V1D Firmware
Pxv100Aq-F200-B28-V1D Firmware
Pxv100Aq-F200-B28-V1D-6011 Firmware
Affected Vendors
References (4)
Third Party Advisory
https://cert.vde.com/en-us/advisories/vde-2021-006
Third Party Advisory
https://cert.vde.com/en-us/advisories/vde-2021-006
49
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
2/34 · Minimal
Exposure
21/34 · High