Pepperl+Fuchs GmbH — 00:0D:81 (MA-L)

Pepperl+Fuchs is a German industrial-automation manufacturer founded in 1945 by Walter Pepperl and Ludwig Fuchs, originally a radio workshop in Mannheim, where the company is still headquartered (Schönau district). It holds a single IEEE MA-L block — 00:0D:81 — registered to "Pepperl+Fuchs GmbH" at Lilienthalstraße 200, Mannheim, DE 68307; no MA-M or MA-S allocations exist. What matters for network work is what carries this OUI: it appears almost exclusively on OT/ICS equipment, not consumer or enterprise IT. The block surfaces on RocketLinx managed industrial Ethernet switches (Comtrol brand, acquired by Pepperl+Fuchs), IO-Link Master gateways (ICE2/ICE3 supporting EtherNet/IP, PROFINET, MODBUS TCP), DeviceMaster serial-to-Ethernet gateways, and RFID and barcode/vision controllers — devices deployed in factory and process automation, including hazardous (Ex-rated) areas. That makes the OUI a strong tell for an OT environment, and a notable one from a security standpoint: multiple published ICS-CERT/CISA advisories and CVEs target its network-connected products, most seriously the 2020 RocketLinx switch chain (CVE-2020-12500 through -12504, several allowing unauthenticated takeover) and the IO-Link Master gateways (CVE-2020-12511 through -12514, plus inherited BusyBox/OpenSSL flaws). Mitigating that, Pepperl+Fuchs earned IEC 62443-4-1 secure-development certification from TÜV SÜD in 2023. Seeing 00:0D:81 in a scan should prompt asset-inventory and patch-level review against those advisories. IEEE publishes no registration date for this or any OUI, so none is recorded here.

IEEE assignment

00:0D:81 → Pepperl+Fuchs GmbH (MA-L, 24-bit OUI) [Confirmed] — IEEE oui.csv (enrichment/registries/oui.csv); cross-confirmed vendor name on Wikipedia (en.wikipedia.org/wiki/Pepperl%2BFuchs)

Registry / block size

MA-L (24-bit OUI); exactly one IEEE block. No MA-M (mam.csv) or MA-S (oui36.csv) entries. [Confirmed] — IEEE oui.csv. NOTE: IEEE public OUI data publishes NO assignment/registration date (columns are only Registry, Assignment, Organization Name, Organization Address); any "date registered" on third-party tools is a database artifact, not an IEEE fact.

HQ / country

Lilienthalstraße 200, Mannheim, DE 68307, Germany (registry address; corporate HQ Mannheim, Schönau district) [Confirmed] — IEEE oui.csv; en.wikipedia.org/wiki/Pepperl%2BFuchs

Company status

active; founded 1945 (Walter Pepperl, Ludwig Fuchs); converted from GmbH to Societas Europaea (SE) 2019–2020; >6,850 employees (2024); revenue >€1B (2022) [Confirmed] — en.wikipedia.org/wiki/Pepperl%2BFuchs

Device types

industrial OT/ICS network equipment — RocketLinx managed industrial Ethernet switches (Comtrol brand), IO-Link Master gateways (ICE2/ICE3), DeviceMaster serial-to-Ethernet gateways, RFID read/write devices, barcode/vision controllers [Confirmed] — pepperl-fuchs.com industrial-ethernet (gp35224); pepperl-fuchs.com comtrol (gp33197)

Notable products

RocketLinx switches, IO-Link Master (ICE2/ICE3) gateways, DeviceMaster serial gateways

Industry

industrial / factory & process automation (sensors, ICS networking, explosion protection)

Typical deployment context

OT networks — factory automation (assembly, robotics, conveyors) and process automation (oil/gas, chemicals, pharma, water); devices sit behind industrial DMZs or air-gapped segments. This OUI strongly implies an OT/ICS environment, not consumer or enterprise IT. [Confirmed] — ics-cert.kaspersky.com (IO-Link Master advisory, 2021); pepperl-fuchs.com industrial-ethernet

Network protocols

PROFINET, EtherNet/IP, MODBUS TCP, EtherCAT, OPC UA, AS-Interface, IO-Link, HART; serial bridging (RS-232/422/485 ↔ Ethernet) via DeviceMaster; SSL/SSH management on DeviceMaster series [Confirmed] — pepperl-fuchs.com industrial-ethernet (gp35224); pepperl-fuchs.com comtrol (gp33197)

Security context

multiple ICS-CERT/CISA advisories and CVEs against network-connected products. (1) RocketLinx switches (2020): CVE-2020-12500..12504 — unauthenticated config modification, backdoor accounts, TFTP root-level file access, command injection; several enable full device takeover with network access only. (2) IO-Link Master gateways (2020–21): CVE-2020-12511 (CSRF, CVSS 8.8), -12512 (reflected XSS, 7.5), -12513 (command injection, 7.5), -12514 (DoS, 6.6), plus inherited BusyBox (CVE-2018-20679) and OpenSSL (CVE-2018-0732). (3) CT50-Ex handheld (2018): CVE-2018-14825 (7.6). (4) WPA2 KRACK on WLAN devices (2017): CVE-2017-13088 (8.1). (5) HART Device DTM buffer overflow (2015): CVE-2014-9191. Mitigation: IEC 62443-4-1 cybersecurity certification from TÜV SÜD (2023); public cybersecurity reporting page; Kaspersky ICS CERT notes risk is substantially lower for devices behind industrial DMZs vs. internet-exposed. [Confirmed] — securityweek.com (RocketLinx advisory); ics-cert.kaspersky.com (IO-Link Master, 2021); us-cert ICSA-15-036-02, ICSA-18-303-01, ICSA-17-353-02; pepperl-fuchs.com IEC 62443-4-1 news (gn2890)

Analyst note

00:0D:81 on a network is a high-signal OT/ICS indicator. Treat it as a prompt to inventory the device, identify the exact product line, and check patch level against the RocketLinx and IO-Link Master advisories above — these are not theoretical CVEs. The OUI identifies genuine Pepperl+Fuchs hardware on globally-administered addresses; industrial embedded gear of this class does not typically use MAC randomization.