PT-2020-13606 · Eip Stack · Eip Stack Group Opener

Published

2020-12-03

Updated

2022-06-07

CVE-2020-13530

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions EIP Stack Group OpENer version 2.3

Description A denial-of-service issue exists in the Ethernet/IP server functionality. It can be triggered by sending a large number of network requests in a short time span, causing the program to stop. An attacker can exploit this by sending a sequence of requests.

Recommendations For EIP Stack Group OpENer version 2.3, consider implementing rate limiting on incoming network requests to mitigate the risk of denial-of-service attacks. As a temporary workaround, restrict access to the Ethernet/IP server functionality until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-672CWE-910

Related Identifiers

CVE-2020-13530

Affected Products

Eip Stack Group Opener

PT-2020-13606 · Eip Stack · Eip Stack Group Opener

CVE-2020-13530

Weakness Enumeration

Related Identifiers

Affected Products

References · 20