CVE-2013-2822

2013-12-2114:22:56

CWE-20

[email protected]

web.nvd.nist.gov

vulnerability

denial of service

novatech orion

substation automation

cve-2013-2822

nvd

4.7 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service (driver crash and process restart) via crafted input over a serial line.

Affected configurations

NVD

Node

novatechorion5_dnp_masterMatch1.27.38

novatechorion5_dnp_slaveMatch1.23.10

novatechorion5r_dnp_masterMatch1.27.38

novatechorion5r_dnp_slaveMatch1.23.10

novatechorionlx_dnp_masterMatch1.27.38

novatechorionlx_dnp_slaveMatch1.23.10

CPENameOperatorVersion
novatech:orion5_dnp_masternovatech orion5 dnp mastereq1.27.38
novatech:orion5_dnp_slavenovatech orion5 dnp slaveeq1.23.10
novatech:orion5r_dnp_masternovatech orion5r dnp mastereq1.27.38
novatech:orion5r_dnp_slavenovatech orion5r dnp slaveeq1.23.10
novatech:orionlx_dnp_masternovatech orionlx dnp mastereq1.27.38
novatech:orionlx_dnp_slavenovatech orionlx dnp slaveeq1.23.10

CPE	Name	Operator	Version
novatech:orion5_dnp_master	novatech orion5 dnp master	eq	1.27.38
novatech:orion5_dnp_slave	novatech orion5 dnp slave	eq	1.23.10
novatech:orion5r_dnp_master	novatech orion5r dnp master	eq	1.27.38
novatech:orion5r_dnp_slave	novatech orion5r dnp slave	eq	1.23.10
novatech:orionlx_dnp_master	novatech orionlx dnp master	eq	1.27.38
novatech:orionlx_dnp_slave	novatech orionlx dnp slave	eq	1.23.10