CVE-2021-27458

If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P TCC-6373: All versions, PC10B TCC-1021: All versions, PC10B-E/C TCU-6521: All versions, PC10E TCC-4737: All versions; TOYOPUC-Plus Series: Plus CPU TCC-6740: All versions, Plus EX TCU-6741: All versions, Plus EX2 TCU-6858: All versions, Plus EFR TCU-6743: All versions, Plus EFR2 TCU-6859: All versions, Plus 2P-EFR TCU-6929: All versions, Plus BUS-EX TCU-6900: All versions; TOYOPUC-PC3J/PC2J Series: FL/ET-T-V2H THU-6289: All versions, 2PORT-EFR THU-6404: All versions) are left in an open state by an attacker, Ethernet communications cannot be established with other devices, depending on the settings of the link parameters.

CVSS v3.0 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-03	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:jtekt:pc10b-e\/c_tcu-6521_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10b-e\/c_tcu-6521:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:pc10e_tcc-4737:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_cpu_tcc-6740:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:jtekt:plus_ex_tcu-6741_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_ex_tcu-6741:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:jtekt:plus_ex2_tcu-6858_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_ex2_tcu-6858:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:jtekt:plus_efr_tcu-6743_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_efr_tcu-6743:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:jtekt:plus_efr2_tcu-6859_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_efr2_tcu-6859:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:jtekt:plus_2p-efr_tcu-6929_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_2p-efr_tcu-6929:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:jtekt:plus_bus-ex_tcu-6900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:plus_bus-ex_tcu-6900:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:jtekt:fl\/et-t-v2h_thu-6289_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:fl\/et-t-v2h_thu-6289:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:jtekt:2port-efr_thu-6404_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:jtekt:2port-efr_thu-6404:-:*:*:*:*:*:*:*

Information

Published : 2021-04-19 15:15

Updated : 2021-04-29 08:05

NVD link : CVE-2021-27458

Mitre link : CVE-2021-27458

JSON object : View

CWE

CWE-404

Improper Resource Shutdown or Release

Products Affected

jtekt

fl\/et-t-v2h_thu-6289_firmware
plus_efr_tcu-6743
plus_efr_tcu-6743_firmware
pc10p-dp_tcc-6726
pc10p-dp-io_tcc-6752
pc10p-dp-io_tcc-6752_firmware
plus_2p-efr_tcu-6929_firmware
pc10b_tcc-1021
plus_ex2_tcu-6858
2port-efr_thu-6404_firmware
plus_bus-ex_tcu-6900_firmware
pc10ge_tcc-6464
pc10g-cpu_tcc-6353
pc10p_tcc-6372_firmware
pc10p-dp_tcc-6726_firmware
plus_ex2_tcu-6858_firmware
plus_efr2_tcu-6859
pc10b-p_tcc-6373
pc10g-cpu_tcc-6353_firmware
pc10b-p_tcc-6373_firmware
pc10e_tcc-4737_firmware
plus_2p-efr_tcu-6929
pc10b-e\/c_tcu-6521
plus_ex_tcu-6741_firmware
plus_efr2_tcu-6859_firmware
plus_cpu_tcc-6740
plus_bus-ex_tcu-6900
pc10ge_tcc-6464_firmware
pc10e_tcc-4737
2port-efr_thu-6404
pc10b_tcc-1021_firmware
plus_cpu_tcc-6740_firmware
plus_ex_tcu-6741
fl\/et-t-v2h_thu-6289
pc10p_tcc-6372
pc10b-e\/c_tcu-6521_firmware

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-27458

7.5^/10

5.0^/10

Attach tags to `CVE-2021-27458`