CVE-2013-2804

Name of the Vulnerable Software and Affected Versions Software Toolbox TOP Server versions prior to 5.12.140.0

Description The issue allows remote attackers to cause a denial of service via crafted DNP3 packets to TCP port 20000, and physically proximate attackers to cause a denial of service via crafted input over a serial line, resulting in a master-station infinite loop.

Recommendations For versions prior to 5.12.140.0, update to version 5.12.140.0 or later to resolve the issue. As a temporary workaround, consider restricting access to TCP port 20000 and limiting physical access to the serial line to minimize the risk of exploitation.