CVE-2013-2825

2013-12-0420:55:05

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-2825

dnp3 service

outstation component

elecsys director gateway

denial of service

cpu consumption

communication outage

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.1%

JSON

The DNP3 service in the Outstation component on Elecsys Director Gateway devices with kernel 2.6.32.11ael1 and earlier allows remote attackers to cause a denial of service (CPU consumption and communication outage) via crafted input.

Affected configurations

NVD

Node

elecsyscorpdirector_dnp3_outstation_kernelMatch2.6.32.11ae11

AND

elecsyscorpdirector_industrial_communication_gatewayMatch-

CPENameOperatorVersion
elecsyscorp:director_dnp3_outstation_kernelelecsyscorp director dnp3 outstation kerneleq2.6.32.11
elecsyscorp:director_industrial_communication_gatewayelecsyscorp director industrial communication gatewayeq-

CPE	Name	Operator	Version
elecsyscorp:director_dnp3_outstation_kernel	elecsyscorp director dnp3 outstation kernel	eq	2.6.32.11
elecsyscorp:director_industrial_communication_gateway	elecsyscorp director industrial communication gateway	eq	-