Summary
The affected product families are the SBOC/SBOI cameras and the SBRD controller. The vulnerabilities are located in the EtherNet/IP stack OpENer from EIPStackGroup.
Impact
Please consult the CVEs listed above and ICSA-21-105-02.
Affected Product(s)
| Model no. | Product name | Affected versions | 
|---|---|---|
| SBOC-Q-R1B | SBOC-Q-R1B | Firmware vers:all/* | 
| SBOC-Q-R1B-S1 | SBOC-Q-R1B-S1 | Firmware vers:all/* | 
| SBOC-Q-R1C | SBOC-Q-R1C | Firmware vers:all/* | 
| SBOC-Q-R1C-S1 | SBOC-Q-R1C-S1 | Firmware vers:all/* | 
| SBOC-Q-R2B | SBOC-Q-R2B | Firmware vers:all/* | 
| SBOC-Q-R2B-S1 | SBOC-Q-R2B-S1 | Firmware vers:all/* | 
| SBOC-Q-R2C | SBOC-Q-R2C | Firmware vers:all/* | 
| SBOC-Q-R3B-WB | SBOC-Q-R3B-WB | Firmware vers:all/* | 
| SBOC-Q-R3B-WB-S1 | SBOC-Q-R3B-WB-S1 | Firmware vers:all/* | 
| SBOC-Q-R3C-WB | SBOC-Q-R3C-WB | Firmware vers:all/* | 
| SBOC-Q-R3C-WB-S1 | SBOC-Q-R3C-WB-S1 | Firmware vers:all/* | 
| SBOI-Q-R1B | SBOI-Q-R1B | Firmware vers:all/* | 
| SBOI-Q-R1B-S1 | SBOI-Q-R1B-S1 | Firmware vers:all/* | 
| SBOI-Q-R1C | SBOI-Q-R1C | Firmware vers:all/* | 
| SBOI-Q-R1C-S1 | SBOI-Q-R1C-S1 | Firmware vers:all/* | 
| 555839 | SBOI-Q-R3B-WB | Firmware vers:all/* | 
| SBOI-Q-R3B-WB-S1 | SBOI-Q-R3B-WB-S1 | Firmware vers:all/* | 
| SBOI-Q-R3C-WB | SBOI-Q-R3C-WB | Firmware vers:all/* | 
| SBOI-Q-R3C-WB-S1 | SBOI-Q-R3C-WB-S1 | Firmware vers:all/* | 
| SBRD-Q | SBRD-Q | Firmware vers:all/* | 
Vulnerabilities
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition.
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data.
Mitigation
- Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
- Deactivate EtherNet/IP in the device settings if it is not used.
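One way to check the first mitigation against recorded network flows, as an added example that is not part of the advisory or of any Festo tooling. The device addresses, the allowed control network and the flow-record format are constructed, and the EtherNet/IP port numbers (44818 TCP/UDP, 2222 UDP) are the registered ports, not values taken from the advisory.

```python
import ipaddress

# Registered EtherNet/IP ports: 44818 (TCP/UDP, explicit messaging) and
# 2222/udp (implicit I/O). Assumption: they are not listed in the advisory.
ENIP_PORTS = {("tcp", 44818), ("udp", 44818), ("udp", 2222)}

# Constructed inventory: addresses of SBOC/SBOI/SBRD devices at a site.
DEVICES = {ipaddress.ip_address(a) for a in ("10.20.0.11", "10.20.0.12")}
# Constructed allow-list: the control network permitted to speak EtherNet/IP.
ALLOWED = [ipaddress.ip_network("10.20.0.0/24")]

# Constructed flow records, one per line: "src dst proto dport"
SAMPLE_FLOWS = """\
10.20.0.5 10.20.0.11 tcp 44818
192.168.7.40 10.20.0.11 tcp 44818
10.20.0.5 10.20.0.12 udp 2222
203.0.113.9 10.20.0.12 udp 44818
192.168.7.40 10.20.0.12 tcp 80
10.20.0.5 10.20.0.99 tcp 44818
malformed line
"""

def parse_flow(line):
    """Return (src, dst, proto, dport), or None for an unparsable line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                parts[2].lower(), int(parts[3]))
    except ValueError:
        return None

def exposed_flows(text, devices=DEVICES, allowed=ALLOWED):
    """List EtherNet/IP flows reaching a listed device from outside `allowed`."""
    findings = []
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue  # skip records that do not match the assumed format
        src, dst, proto, dport = flow
        if dst not in devices or (proto, dport) not in ENIP_PORTS:
            continue  # not an affected device, or not EtherNet/IP traffic
        if not any(src in net for net in allowed):
            findings.append((str(src), str(dst), proto, dport))
    return findings

if __name__ == "__main__":
    for finding in exposed_flows(SAMPLE_FLOWS):
        print("EtherNet/IP reachable from outside control network:", finding)
```

Since no fix is planned, any finding points to a firewall or segmentation rule that still lets EtherNet/IP traffic reach an affected device.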
Remediation
There is no fix planned.
Acknowledgments
Festo SE & Co. KG thanks the following parties for their efforts:
- CERT@VDE for coordination and support with this publication (see https://certvde.com)
Revision History
| Version | Date | Summary | 
|---|---|---|
| 1.0.0 | 09/28/2021 13:13 | Initial revision. | 
| 1.0.1 | 01/11/2024 11:00 | Adjust link to VDE Advisory | 
| 1.0.2 | 08/26/2025 12:00 | Adjusted to VDE template. Changed document title from 'Vulnerability in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q' to 'Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q'. Updated vulnerability notes and mitigation information. Updated legal disclaimer to add references to special provisions. |