Lucene search
PRIOn knowledge basePRION:CVE-2013-2823HistoryNov 22, 2013 - 1:55 a.m.
Design/Logic Flaw
2013-11-2201:55:00
PRIOn knowledge base
www.prio-n.com
1
The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
References
ics-cert.us-cert.gov/advisories/ICSA-13-297-01
ics-cert.us-cert.gov/advisories/ICSA-13-297-02
support.ge-ip.com/support/index?page=kbchannel&id=S:KB15805
support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15805/en_US/GEIP13-04%20Security%20Advisory%20-%20Proficy%20HMI%20SCADA%20DNP3%20Driver%20from%20Catapult%20Software.pdf
Related
cve
cve
CVE-2013-2823
2013-11-22 01:55:03
cvelist
cvelist
CVE-2013-2823
2013-11-22 01:00:00
nvd
nvd
CVE-2013-2823
2013-11-22 01:55:03
ics
ics
GE Proficy DNP3 Improper Input Validation
2013-12-17 12:00:00
Catapult Software DNP3 Driver Improper Input Validation
2013-12-17 12:00:00