SECURITY – Denial of Service Vulnerabilities in SPIET800 INFI-Net to Ethernet Transfer module and PNI800 S+ Ethernet communication interface module
CVE-2021-22288

7.5HIGH

Key Information:

Vendor

Abb

Status
Spiet800
Pni800
Vendor
CVE Published:
4 February 2022

What is CVE-2021-22288?

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.

Affected Version(s)

PNI800 <= unspecified

SPIET800 <= unspecified

References

https://search.abb.com/library/Download.aspx?DocumentID=7...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ABB thanks Lance Lamont from Verve Industrial Protection and Ron Brash from Verve Industrial Protection/aDolus Technology Inc. helping to identify the vulnerabilities and protecting our customers.
.
CVE-2021-22288 : SECURITY – Denial of Service Vulnerabilities in SPIET800 INFI-Net to Ethernet Transfer module and PNI800 S+ Ethernet communication interface module