CVE-2020-13556

Name of the Vulnerable Software and Affected Versions EIP Stack Group OpENer version 2.3

Description An out-of-bounds write issue exists in the Ethernet/IP server functionality. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this issue.

Recommendations For EIP Stack Group OpENer version 2.3, consider restricting access to the Ethernet/IP server functionality until a patch is available. As a temporary workaround, limit the ability to send specially crafted network requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.