CVE-2013-2821

2013-12-2114:22:56

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-2821

novatech orion

substation automation

dnp master

dnp slave

denial of service

nvd

cybersecurity

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

JSON

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attackers to cause a denial of service (driver crash and process restart) via a crafted DNP3 TCP packet.

Affected configurations

NVD

Node

novatechorion5_dnp_masterMatch1.27.38

novatechorion5_dnp_slaveMatch1.23.10

novatechorion5r_dnp_masterMatch1.27.38

novatechorion5r_dnp_slaveMatch1.23.10

novatechorionlx_dnp_masterMatch1.27.38

novatechorionlx_dnp_slaveMatch1.23.10

CPENameOperatorVersion
novatech:orion5_dnp_masternovatech orion5 dnp mastereq1.27.38
novatech:orion5_dnp_slavenovatech orion5 dnp slaveeq1.23.10
novatech:orion5r_dnp_masternovatech orion5r dnp mastereq1.27.38
novatech:orion5r_dnp_slavenovatech orion5r dnp slaveeq1.23.10
novatech:orionlx_dnp_masternovatech orionlx dnp mastereq1.27.38
novatech:orionlx_dnp_slavenovatech orionlx dnp slaveeq1.23.10

CPE	Name	Operator	Version
novatech:orion5_dnp_master	novatech orion5 dnp master	eq	1.27.38
novatech:orion5_dnp_slave	novatech orion5 dnp slave	eq	1.23.10
novatech:orion5r_dnp_master	novatech orion5r dnp master	eq	1.27.38
novatech:orion5r_dnp_slave	novatech orion5r dnp slave	eq	1.23.10
novatech:orionlx_dnp_master	novatech orionlx dnp master	eq	1.27.38
novatech:orionlx_dnp_slave	novatech orionlx dnp slave	eq	1.23.10