CVE-2013-2790

The CVE-2013-2790 vulnerability affects IOServer’s master-station DNP3 driver prior to driver19.exe and Beta2041.exe. It stems from improper input validation on TCP port 20000 (DNP3), allowing remote attackers to trigger an infinite loop and cause a denial of service. ICS-CERT confirms remote exp...

CVE-2014-5425

CVE-2014-5425 affects IOServer and related DNP3 implementations. The flaw is an out-of-bounds read triggered by a null DNP3 header, leading to potential remote denial of service by exhausting master entries. According to ICS-CERT advisories, IOServer (Beta2112.exe) and related DNP3 implementation...

CVE-2012-4680

CVE-2012-4680 is a directory-traversal vulnerability in IOServer’s XML Server prior to version 1.0.19.0. When the Root Directory pathname lacks a trailing backslash, remote attackers can read arbitrary files or list directories via a .. in the URI. The issue affects IOServer XML Server components...

CVE-2013-2783

CVE-2013-2783 involves IOServer’s DNP3 driver (drivers 1.0.19.0). Affected component: TCP port 20000 input handling. Root cause: improper input validation can trigger an infinite loop, allowing remote attackers to cause a denial of service and potentially obtain unspecified control. Impact: remot...