Denial of Service in Rexroth ActiveMover using Profinet protocol
- Advisory ID: BOSCH-SA-637429
- CVE Numbers and CVSS v3.1 Scores:
- Published: 31 Mar 2021
- Last Updated: 31 Mar 2021
The ActiveMover with Profinet communication module (Rexroth no. 3842 559 445) sold by Bosch Rexroth contains communication technology from Hilscher (PROFINET IO Device V3) in which a vulnerability with high severity has been discovered. A Denial of Service vulnerability may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
The vulnerability only affects ActiveMover with the Profinet communication module. If the product is used in closed (machine) networks with no access to the internet the risk of the vulnerability is very low.
- Rexroth ActiveMover with configuration: ‘using Profinet communication module (Rexroth no. 3842 559 445)’
Solution and Mitigations
Closed (machine) network
There is actually no workaround. However, Bosch Rexroth recommends to operate the product in a closed (machine) network with no access to the internet and implement the following measure:
Minimize network exposure and ensure that the products are not accessible via the Internet.
Network segmentation/ Firewall: Isolate affected products from the corporate network.
If remote access is required, use secure methods such as virtual private networks (VPNs).
With these measures the risk of the vulnerability is very low.
The ActiveMover has a network coupler with a Hilscher protocol stack. This Hilscher protocol stack (PROFINET IO Device V3) does not properly limit available resources when handling Read Implicit Request services, depending on the content of the request. This may lead to shortage of resources so that the affected device
can no longer perform acyclic requests
may drop all established cyclic connections
may disappear completely from the network
CVE description: A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V22.214.171.124. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
- Problem Type:
CVSS Vector String:
- Base Score: 7.5 (High)
Vulnerability classification has been performed using the CVSS v3.1 scoring system . The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.
-  Hilscher Security Advisory: https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device
Please contact the Bosch PSIRT if you have feedback, comments, or additional information about this vulnerability at: email@example.com .
- 31 Mar 2021: Initial Publication