Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-21002
PUBLISHED
More InfoOfficial Page
Assigner-CERTVDE
Assigner Org ID-270ccfa6-a436-4e77-922e-914ec3a9685c
View Known Exploited Vulnerability (KEV) details
Published At-25 Jun, 2021 | 18:25
Updated At-17 Sep, 2024 | 03:58
Rejected At-
▼CVE Numbering Authority (CNA)
Denial of Service in Phoenix Contact FL COMSERVER UNI products

In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of service.

Affected Products
Vendor
Phoenix Contact GmbH & Co. KGPhoenix Contact
Product
FL COMSERVER
Versions
Affected
  • From UNI 232/422/485 (2313452) before 2.40 (custom)
  • From UNI 232/422/485-T (2904817) before 2.40 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-772CWE-772 Missing Release of Resource after Effective Lifetime
Type: CWE
CWE ID: CWE-772
Description: CWE-772 Missing Release of Resource after Effective Lifetime
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to the latest firmware, fixed firmware includes versions >= 2.41.

Configurations
Workarounds
Exploits
Credits
This vulnerability was found by Petri Tuomio and reported to PHOENIX CONTACT by Waertsilae PSIRT. PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert.vde.com/en-us/advisories/vde-2021-022
x_refsource_CONFIRM
Hyperlink: https://cert.vde.com/en-us/advisories/vde-2021-022
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert.vde.com/en-us/advisories/vde-2021-022
x_refsource_CONFIRM
x_transferred
Hyperlink: https://cert.vde.com/en-us/advisories/vde-2021-022
Resource:
x_refsource_CONFIRM
x_transferred
Details not found