Aggregates CVE and security vulnerability intelligence across all opener_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption and vendor risk buffer overflow and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-43606 | A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability. | [email protected] | 7.5 | 0.67% | 2023-03-16 | 2024-11-21 |
| CVE-2022-43605 | An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability. | [email protected] | 10.0 | 7.64% | 2023-03-16 | 2024-11-21 |
| CVE-2022-43604 | An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out-of-bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability. | [email protected] | 10.0 | 7.64% | 2023-03-16 | 2024-11-21 |
| CVE-2022-32434 | EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d. | [email protected] | 7.8 | 0.26% | 2022-07-15 | 2024-11-21 |
| CVE-2021-27500 | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | [email protected] | 7.5 | 0.11% | 2022-05-12 | 2024-11-21 |
| CVE-2021-27498 | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | [email protected] | 7.5 | 0.11% | 2022-05-12 | 2024-11-21 |
| CVE-2021-27482 | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data. | [email protected] | 7.5 | 0.15% | 2022-05-12 | 2024-11-21 |
| CVE-2021-27478 | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition. | [email protected] | 8.2 | 0.12% | 2022-05-12 | 2024-11-21 |
| CVE-2021-21777 | An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. | [email protected] | 10.0 | 0.34% | 2021-06-17 | 2024-11-21 |
| CVE-2020-13556 | An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | [email protected] | 9.8 | 2.65% | 2020-12-11 | 2024-11-21 |
| CVE-2020-13530 | A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability. | [email protected] | 7.5 | 0.41% | 2020-12-11 | 2024-11-21 |