CVE-2014-2345

2014-06-0517:55:05

CWE-20

[email protected]

web.nvd.nist.gov

copa-data

zenon

dnp3

ng driver

process gateway

denial of service

tcp

cve-2014-2345

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.9%

JSON

COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow remote attackers to cause a denial of service (infinite loop and process crash) by sending a crafted DNP3 packet over TCP.

Affected configurations

NVD

Node

copadatazenon_dnp3_ng_driverMatch7.10

copadatazenon_dnp3_ng_driverMatch7.11-

copadatazenon_dnp3_ng_driverMatch7.11sp0_build_10238

copadatazenon_dnp3_process_gatewayMatch7.11sp0_build_10238

CPENameOperatorVersion
copadata:zenon_dnp3_ng_drivercopadata zenon dnp3 ng drivereq7.10
copadata:zenon_dnp3_ng_drivercopadata zenon dnp3 ng drivereq7.11
copadata:zenon_dnp3_process_gatewaycopadata zenon dnp3 process gatewayeq7.11

CPE	Name	Operator	Version
copadata:zenon_dnp3_ng_driver	copadata zenon dnp3 ng driver	eq	7.10
copadata:zenon_dnp3_ng_driver	copadata zenon dnp3 ng driver	eq	7.11
copadata:zenon_dnp3_process_gateway	copadata zenon dnp3 process gateway	eq	7.11

References

ics-cert.us-cert.gov/advisories/ICSA-14-154-01

www.copadata.com/no_cache/en/support/knowledge-base-faq.html?tx_hrfaq_pi1%5Bknowledgebase%5D=813&tx_hrfaq_pi1%5Baction%5D=show&tx_hrfaq_pi1%5Bcontroller%5D=knowledgebase

www.copadata.com/no_cache/en/support/knowledge-base-faq.html?tx_hrfaq_pi1%5Bknowledgebase%5D=814&tx_hrfaq_pi1%5Baction%5D=show&tx_hrfaq_pi1%5Bcontroller%5D=knowledgebase