CVE-2021-27458

Published: Apr 19, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P TCC-6373: All versions, PC10B TCC-1021: All versions, PC10B-E/C TCU-6521: All versions, PC10E TCC-4737: All versions; TOYOPUC-Plus Series: Plus CPU TCC-6740: All versions, Plus EX TCU-6741: All versions, Plus EX2 TCU-6858: All versions, Plus EFR TCU-6743: All versions, Plus EFR2 TCU-6859: All versions, Plus 2P-EFR TCU-6929: All versions, Plus BUS-EX TCU-6900: All versions; TOYOPUC-PC3J/PC2J Series: FL/ET-T-V2H THU-6289: All versions, 2PORT-EFR THU-6404: All versions) are left in an open state by an attacker, Ethernet communications cannot be established with other devices, depending on the settings of the link parameters.

Affected (18)

Products: Jtekt: Pc10g Cpu Tcc 6353 Firmware, Pc10ge Tcc 6464 Firmware, Pc10p Tcc 6372 Firmware, Pc10p Dp Tcc 6726 Firmware, Pc10p Dp Io Tcc 6752 Firmware, Pc10b P Tcc 6373 Firmware, Pc10b Tcc 1021 Firmware, Pc10b E/c Tcu 6521 Firmware, Pc10e Tcc 4737 Firmware, Plus Cpu Tcc 6740 Firmware, Plus Ex Tcu 6741 Firmware, Plus Ex2 Tcu 6858 Firmware, Plus Efr Tcu 6743 Firmware, Plus Efr2 Tcu 6859 Firmware, Plus 2p Efr Tcu 6929 Firmware, Plus Bus Ex Tcu 6900 Firmware, Fl/et T V2h Thu 6289 Firmware, 2port Efr Thu 6404 Firmware

Jtekt

18 products

Pc10g Cpu Tcc 6353 Firmware

Pc10ge Tcc 6464 Firmware

Pc10p Tcc 6372 Firmware

Pc10p Dp Tcc 6726 Firmware

Pc10p Dp Io Tcc 6752 Firmware

Pc10b P Tcc 6373 Firmware

Pc10b Tcc 1021 Firmware

Pc10b E/c Tcu 6521 Firmware

Pc10e Tcc 4737 Firmware

Plus Cpu Tcc 6740 Firmware

Plus Ex Tcu 6741 Firmware

Plus Ex2 Tcu 6858 Firmware

Plus Efr Tcu 6743 Firmware

Plus Efr2 Tcu 6859 Firmware

Plus 2p Efr Tcu 6929 Firmware

Plus Bus Ex Tcu 6900 Firmware

Fl/et T V2h Thu 6289 Firmware

2port Efr Thu 6404 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10g Cpu Tcc 6353 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10g Cpu Tcc 6353	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10ge Tcc 6464 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10ge Tcc 6464	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Tcc 6372 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Tcc 6372	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Dp Tcc 6726 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Dp Tcc 6726	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Dp Io Tcc 6752 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Dp Io Tcc 6752	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10b P Tcc 6373 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10b P Tcc 6373	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10b Tcc 1021 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10b Tcc 1021	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10b E/c Tcu 6521 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10b E/c Tcu 6521	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10e Tcc 4737 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10e Tcc 4737	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Cpu Tcc 6740 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Cpu Tcc 6740	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Ex Tcu 6741 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Ex Tcu 6741	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Ex2 Tcu 6858 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Ex2 Tcu 6858	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Efr Tcu 6743 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Efr Tcu 6743	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Efr2 Tcu 6859 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Efr2 Tcu 6859	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus 2p Efr Tcu 6929 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus 2p Efr Tcu 6929	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Bus Ex Tcu 6900 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Bus Ex Tcu 6900	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Fl/et T V2h Thu 6289 Firmware	All versions

Running on/with	Platform Versions
Jtekt Fl/et T V2h Thu 6289	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt 2port Efr Thu 6404 Firmware	All versions

Running on/with	Platform Versions
Jtekt 2port Efr Thu 6404	All versions

Related CWEs

CWE-404

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (2)

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.