CVE-2021-27478

INCORRECT CONVERSION BETWEEN NUMERIC TYPES CWE-681
A specifically crafted packet sent by an attacker to the affected devices may cause a denial-of-service condition.
Read more: Fuzzing and PR'ing: How We Found Bugs in a Popular Third-Party EtherNet/IP Protocol Stack

Risk Information

  • CVE ID
  • CVE-2021-27478
  • Vendor
  • EIPStackGroup
  • Product
  • OpENer EtherNet/IP
  • CVSS v3
  • 8.2