CVE-2021-27458

If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P TCC-6373: All versions, PC10B TCC-1021: All versions, PC10B-E/C TCU-6521: All versions, PC10E TCC-4737: All versions; TOYOPUC-Plus Series: Plus CPU TCC-6740: All versions, Plus EX TCU-6741: All versions, Plus EX2 TCU-6858: All versions, Plus EFR TCU-6743: All versions, Plus EFR2 TCU-6859: All versions, Plus 2P-EFR TCU-6929: All versions, Plus BUS-EX TCU-6900: All versions; TOYOPUC-PC3J/PC2J Series: FL/ET-T-V2H THU-6289: All versions, 2PORT-EFR THU-6404: All versions) are left in an open state by an attacker, Ethernet communications cannot be established with other devices, depending on the settings of the link parameters.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03	Third Party Advisory US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:jtekt:pc10b-e\/c_tcu-6521_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b-e\/c_tcu-6521:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10e_tcc-4737:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_cpu_tcc-6740:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:jtekt:plus_ex_tcu-6741_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_ex_tcu-6741:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:jtekt:plus_ex2_tcu-6858_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_ex2_tcu-6858:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:jtekt:plus_efr_tcu-6743_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_efr_tcu-6743:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:jtekt:plus_efr2_tcu-6859_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_efr2_tcu-6859:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:jtekt:plus_2p-efr_tcu-6929_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_2p-efr_tcu-6929:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:jtekt:plus_bus-ex_tcu-6900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_bus-ex_tcu-6900:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:jtekt:fl\/et-t-v2h_thu-6289_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:fl\/et-t-v2h_thu-6289:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:jtekt:2port-efr_thu-6404_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:2port-efr_thu-6404:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:58

Type	Values Removed	Values Added
References	~~() https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03 - Third Party Advisory, US Government Resource~~	() https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03 - Third Party Advisory, US Government Resource

Information

Published : 2021-04-19 22:15

Updated : 2024-11-21 05:58

NVD link : CVE-2021-27458

Mitre link : CVE-2021-27458

CVE.ORG link : CVE-2021-27458

JSON object : View

Products Affected

jtekt

pc10ge_tcc-6464
pc10p_tcc-6372
plus_cpu_tcc-6740_firmware
pc10b_tcc-1021
pc10b_tcc-1021_firmware
pc10e_tcc-4737
plus_bus-ex_tcu-6900
pc10b-p_tcc-6373_firmware
pc10p_tcc-6372_firmware
pc10p-dp-io_tcc-6752
plus_cpu_tcc-6740
plus_efr2_tcu-6859
plus_efr2_tcu-6859_firmware
fl\/et-t-v2h_thu-6289_firmware
pc10b-e\/c_tcu-6521
fl\/et-t-v2h_thu-6289
plus_ex_tcu-6741
pc10g-cpu_tcc-6353
plus_ex2_tcu-6858
pc10g-cpu_tcc-6353_firmware
pc10p-dp_tcc-6726_firmware
pc10e_tcc-4737_firmware
pc10p-dp-io_tcc-6752_firmware
pc10ge_tcc-6464_firmware
plus_efr_tcu-6743
2port-efr_thu-6404
plus_efr_tcu-6743_firmware
pc10b-e\/c_tcu-6521_firmware
pc10b-p_tcc-6373
plus_ex_tcu-6741_firmware
pc10p-dp_tcc-6726
plus_bus-ex_tcu-6900_firmware
plus_2p-efr_tcu-6929_firmware
plus_ex2_tcu-6858_firmware
2port-efr_thu-6404_firmware
plus_2p-efr_tcu-6929

CWE

CWE-404

Improper Resource Shutdown or Release

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-27458

7.5^/10

5.0^/10

Attach tags to `CVE-2021-27458`