{ "document": { "acknowledgments": [ { "organization": "CERT@VDE", "summary": "coordination", "urls": [ "https://certvde.com" ] }, { "organization": "Forescout Technologies, Inc.", "summary": "discovered and reported" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "Multiple products of PILZ utilise a third-party TCP/IP implementation - the \"Niche Ethernet Stack\". This TCP/IP stack contains multiple vulnerabilities which are therefore affecting the products listed above.", "title": "Summary" }, { "category": "description", "title": "Mitigation", "text": "It is adviced to use firewalls or similar network security devices to prevent unauthorized network communication to the products affected." }, { "title": "Remediation", "text": "| Produkt | Maßnahme |\n|----------------------------------------------|------------------------------------------------------|\n| PSSu-Module für dezentrales E/A-System | siehe Mitigation |\n| PSSu-Module für PSS 4000 | Firmware auf 1.22.2 aktualisieren * |\n| PNOZ m B1 | siehe Mitigation ** |\n| PNOZ m ES ETH | siehe Mitigation ** |\n| PNOZ mmc1p ETH | siehe Mitigation |\n| Base-Device PNOZ mxp ETH (PNOZmulti Classic) | siehe Mitigation |\n\n\\* CVE-2020-35685 wird in diesem Update nicht behoben, da es keine Auswirkungen auf die Sicherheit der verwendeten Dienste und Protokolle (MODBUS/TCP und RAW-TCP) hat.\n\n\\** Diese Produkte sind im Feld nicht updatefähig. Sie verwenden eine vom Hersteller vorinstallierte, feste Firmware.", "category": "description" }, { "text": "Die Schwachstellen ermöglichen einem entfernten Angreifer:\n\n- einen Neustart des Geräts auszulösen, was zu einer Denial-of-Service-Situation führt\n- eine TCP-Verbindung zu kapern\n\n### Betroffene Produkte und CVEs\n\n| Produkt | Betroffen von CVEs |\n|----------------------------------------------|--------------------|\n| PSSu-Module für dezentrales E/A-System | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31400, CVE-2021-31401 |\n| PSSu-Module für PSS 4000 | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31400, CVE-2021-31401 |\n| PNOZ m B1 | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 |\n| PNOZ m ES ETH | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 |\n| PNOZ mmc1p ETH | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 |\n| Base-Device PNOZ mxp ETH (PNOZmulti Classic) | CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 |", "category": "description", "title": "Impact" } ], "publisher": { "category": "vendor", "contact_details": "security@pilz.com", "name": "Pilz GmbH & Co. KG", "namespace": "https://www.pilz.com" }, "references": [ { "category": "external", "summary": "Pilz advisory overview at CERT@VDE", "url": "https://certvde.com/de/advisories/vendor/pilz/" }, { "category": "self", "summary": "VDE-2021-009: Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities - HTML", "url": "https://certvde.com/en/advisories/vde-2021-009" }, { "summary": "VDE-2021-009: Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities - CSAF", "url": "https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-009.json", "category": "self" } ], "title": "Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities", "tracking": { "aliases": [ "VDE-2021-009" ], "current_release_date": "2025-05-14T13:00:14.000Z", "generator": { "date": "2025-03-05T11:49:30.977Z", "engine": { "name": "Secvisogram", "version": "2.5.20" } }, "id": "VDE-2021-009", "initial_release_date": "2021-09-20T11:56:00.000Z", "revision_history": [ { "date": "2021-09-20T11:56:00.000Z", "number": "1", "summary": "Initial revision." }, { "number": "2", "summary": "Fix: added distribution", "date": "2025-05-14T13:00:14.000Z" } ], "status": "final", "version": "2" } }, "product_tree": { "product_groups": [ { "group_id": "CSAFGID-0001", "summary": "Affected Products.", "product_ids": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005", "CSAFPID-31006" ] } ], "branches": [ { "category": "vendor", "name": "Pilz", "branches": [ { "category": "product_family", "name": "Hardware", "branches": [ { "name": "Base-Device PNOZ mxp ETH (PNOZmulti Classic)", "category": "product_name", "product": { "name": "Base-Device PNOZ mxp ETH (PNOZmulti Classic)", "product_id": "CSAFPID-11001", "product_identification_helper": { "model_numbers": [ "773103", "773104*", "773113", "773116", "773123", "7731260" ] } } }, { "name": "PNOZ m B1", "category": "product_name", "product": { "name": "PNOZ m B1", "product_id": "CSAFPID-11002", "product_identification_helper": { "model_numbers": [ "316020" ] } } }, { "name": "PNOZ m ES ETH", "category": "product_name", "product": { "name": "PNOZ m ES ETH", "product_id": "CSAFPID-11003", "product_identification_helper": { "model_numbers": [ "316020" ] } } }, { "name": "PNOZ mmc1p ETH", "category": "product_name", "product": { "name": "PNOZ mmc1p ETH", "product_id": "CSAFPID-11004", "product_identification_helper": { "model_numbers": [ "316020" ] } } }, { "name": "PSSu-Module for decentralised E/A-System", "category": "product_name", "product": { "name": "PSSu-Module for decentralised E/A-System", "product_id": "CSAFPID-11005", "product_identification_helper": { "model_numbers": [ "312041", "312042", "312043" ] } } }, { "name": "PSSu-Module for PSS 4000", "category": "product_name", "product": { "name": "PSSu-Module for PSS 4000", "product_id": "CSAFPID-11006", "product_identification_helper": { "model_numbers": [ "31206*", "312070*", "312071*", "312077", "312085*", "312087", "31407*", "314085", "314086", "314087", "315070*", "315071*", "315085", "315086", "316010", "316020" ] } } } ] }, { "name": "Firmware", "category": "product_family", "branches": [ { "name": "<1.22.2", "category": "product_version_range", "product": { "name": "Firmware <1.22.2", "product_id": "CSAFPID-21001" } }, { "name": "