PT-2022-9286 · Unknown+1 · Scadapack 333E+9

Published

2022-01-28

Updated

2022-02-03

CVE-2021-22816

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SCADAPack 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E and 357E RTUs with firmware versions prior to V8.18.1

Description A vulnerability exists that could cause a Denial of Service when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server.

Recommendations For SCADAPack 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E and 357E RTUs with firmware versions prior to V8.18.1, update the firmware to a version later than V8.18.1 to resolve the issue. As a temporary workaround, consider restricting access to the Modbus server to minimize the risk of exploitation.

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

CVE-2021-22816

Affected Products

Modbus

Scadapack 312E

Scadapack 313E

Scadapack 314E

Scadapack 330E

Scadapack 333E

Scadapack 334E

Scadapack 337E

Scadapack 350E

Scadapack 357E

PT-2022-9286 · Unknown+1 · Scadapack 333E+9

CVE-2021-22816

Weakness Enumeration

Related Identifiers

Affected Products

References · 3