CVE-2021-32998

{"id": "CVE-2021-32998", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2022-01-10T14:10:17.337", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required."}, {"lang": "es", "value": "Los controladores de la serie R-30iA y R-30iB de FANUC son vulnerables a una escritura fuera de l\u00edmites, que puede permitir a un atacante ejecutar c\u00f3digo arbitrario de forma remota. Es requerido INIT START/restauraci\u00f3n desde una copia de seguridad"}], "lastModified": "2022-03-21T17:58:31.550", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5330143-E90D-4A39-AB80-6355339C505C"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F521607-1BD1-464B-B84E-87C312FB1458"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A76373A-B737-4FCD-97DE-403185FE3484"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1A1AA6E-B4C1-4D1F-BBD5-479BCA0FCDB5"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA808E46-5807-43CF-8B5A-415BE815F1DD"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47F0E0F7-D634-47B1-8C3A-FF5B6701FF63"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_firmware:7.70:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57979C61-590D-48F6-B81C-8FFC38753943"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ia:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C1FCE2E-7FB5-485F-9988-0E60E0920E55"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0BFC3FD-5DC5-4A64-8C9A-7408FF091BD2"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "839A495D-487D-4A07-A486-FF06646DD319"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64D21270-85D1-469B-8043-4F28A90C924F"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7F6094F-1A32-4D98-81FC-1B985BEECAB9"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D5246EF-BCB6-461F-A912-44B681501BB7"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C83B4133-EE21-4B5C-BBEE-B179F384254B"}, {"criteria": "cpe:2.3:o:fanuc:r-30ia_mate_firmware:7.70:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA180D09-18ED-4656-B460-FCDCD39AB4A0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ia_mate:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4DCE050F-1062-4456-8C4E-6F9C649D55F5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6975C033-7695-44EE-9C9A-A81069C365CF"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC553460-B492-4061-9322-1876E6E06008"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A32EC2AD-BA02-496E-983C-65BBFC77892E"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FC3B973-F784-4407-991C-8A7815BE0A57"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5ECC95E-8297-4539-B365-D6DFB268E91D"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45E35D08-9A90-47AD-BFCA-F9CB369B042E"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6AA7F96-98BB-4F72-8EE7-D1BA529AE399"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_firmware:8.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59024A73-BAE6-493C-BF8D-5C1D36A84234"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_mate:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E32A68FE-FF9E-4FC5-B4DD-67242BC632B5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3C91206-B54C-4E41-96AF-7A59CFBDD516"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B5C56CC-50A7-4697-8504-F30137C1B5C5"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90E75BF9-7FBE-47C7-AA07-2C440D4E10E6"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC936B5A-CC17-42E5-B5D5-203298A1E01F"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "864EEF01-51CB-4BB4-8808-460DCB0DAEE1"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DAF3A19-D4A4-41E4-9B29-8436EF6A83D0"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC3EB58D-9719-4AD8-8788-E394DBF776C8"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_firmware:8.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81C33E27-1FD6-4353-B4E5-99A225DEF0AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_compact:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1DAB826E-541C-4A73-B9E1-FE6B002111CD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C52D665-0E74-488A-9988-CA033BA5E951"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46AF6F6E-A162-4850-A0A9-C74AC38A94D2"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2F10B87-9412-4007-91CB-E3D95525758B"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F54846C-FBA4-456D-B2D3-341828929FD0"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BAAF98F-A594-47B0-8261-09BAB2AD17FA"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDED6882-2C06-4D67-9552-A1B6938229BF"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14A68621-6216-4CD7-916C-E31D783F0DE1"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_firmware:8.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "863A7BC5-C0F5-4528-8A21-D04D9D31AE97"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DF78494-4464-409E-85CC-2DEEBDC5D2E6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31FE32D8-4D63-49B5-92D2-FE41D4DEDD7C"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5456471-AE98-438A-890F-7FB5C8A09405"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9170D349-E0D7-46B4-80E8-83506A0F5D78"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85554BF1-D5E4-4379-91C5-356490BB49DB"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D421824D-3F11-443C-8E5D-4B294A732B97"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mate_plus_firmware:9.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB317E6-15F4-4AD3-A951-0C9D23784478"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_mate_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFB97399-05B1-4BAE-88D9-F7C4E73A4C59"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B96D5343-FDE7-4065-AE1F-86C409F61E05"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20002FF3-03F6-4BC1-97CC-7D41A453F961"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9901D6B-3D0C-4D8E-B8F7-5CA0005239AA"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7FB9180-E37A-4722-8F09-D35891396DA6"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBAC639A-4554-4335-BA8E-A40D07979E5B"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_compact_plus_firmware:9.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A26BA06-0920-49B7-B4D2-EB70C9DB1DDB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_compact_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE1F5E5B-769F-4CE7-8BEC-8013981AE009"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A598FBB7-4A1D-45D4-BC93-2F9C48439BE7"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA331696-13AA-4588-8EB8-B9DDDE61C853"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8AF13EC-758F-447D-8B82-2B34538B200C"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAE2E2FC-88B4-4219-9E34-F1EE0639A65D"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A347C273-D19F-40A4-99B4-86D33032F257"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_mini_plus_firmware:9.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98274BF3-58B0-453F-B479-654600C81085"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_mini_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4F1334D-51B0-42D1-8427-1E9365F3D526"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E518BE35-F3C5-4D88-807B-DB3444DB36F0"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1794F756-AB92-4D28-957B-46736BDA5ECB"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3A3DC78-2D49-499A-B5A3-4AF612D34AF9"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4A083CB-B642-4437-8CF2-10EF199C260D"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82ADA892-078E-4BEC-A716-667BEEBAA813"}, {"criteria": "cpe:2.3:o:fanuc:r-30ib_plus_firmware:9.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7AA5F91-6F05-4BA7-872F-B8DFF7F72D94"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fanuc:r-30ib_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91FB7C00-AD90-4162-9EA9-8B2572AA5BDD"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}