[email protected]CVE-2013-2793

HistorySep 09, 2013 - 11:39 a.m.

CVE-2013-2793

2013-09-0911:39:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2013

2793

triangle microworks

scada

data gateway

dnp3

.net

protocol

tcp

denial of service

nvd

6.9 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

58.6%

JSON

Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.

CPENameOperatorVersion
trianglemicroworks:.net_communication_protocol_componentstrianglemicroworks .net communication protocol componentseq3.15.0.369
trianglemicroworks:ansi_c_source_code_librariestrianglemicroworks ansi c source code librarieseq3.15.0000
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq3.00.0616
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq2.50
trianglemicroworks:.net_communication_protocol_componentstrianglemicroworks .net communication protocol componentseq3.06.0.171
trianglemicroworks:ansi_c_source_code_librariestrianglemicroworks ansi c source code librarieseq3.06.0000
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq2.50.0309

CPE	Name	Operator	Version
trianglemicroworks:.net_communication_protocol_components	trianglemicroworks .net communication protocol components	eq	3.15.0.369
trianglemicroworks:ansi_c_source_code_libraries	trianglemicroworks ansi c source code libraries	eq	3.15.0000
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	3.00.0616
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	2.50
trianglemicroworks:.net_communication_protocol_components	trianglemicroworks .net communication protocol components	eq	3.06.0.171
trianglemicroworks:ansi_c_source_code_libraries	trianglemicroworks ansi c source code libraries	eq	3.06.0000
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	2.50.0309

References

ics-cert.us-cert.gov/advisories/ICSA-13-240-01

www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf

6.9 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

58.6%

JSON

Related for CVE-2013-2793

prion1 ics1