Design/Logic Flaw

2013-12-2114:22:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

JSON

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attackers to cause a denial of service (driver crash and process restart) via a crafted DNP3 TCP packet.

CPENameOperatorVersion
orion5_dnp_mastereq1.27.38
orion5_dnp_slaveeq1.23.10
orion5r_dnp_mastereq1.27.38
orion5r_dnp_slaveeq1.23.10
orionlx_dnp_mastereq1.27.38
orionlx_dnp_slaveeq1.23.10

Name	Operator	Version
orion5_dnp_master	eq	1.27.38
orion5_dnp_slave	eq	1.23.10
orion5r_dnp_master	eq	1.27.38
orion5r_dnp_slave	eq	1.23.10
orionlx_dnp_master	eq	1.27.38
orionlx_dnp_slave	eq	1.23.10

References

ics-cert.us-cert.gov/advisories/ICSA-13-352-01