PT-2013-3950 · Novatech · Orion5/Orion5R Dnp Slave+3
Adam Crain
+1
·
Publicado
2013-12-21
·
Atualizado
2013-12-26
·
CVE-2013-2821
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
NovaTech Orion Substation Automation Platform OrionLX DNP Master versions 1.27.38 and earlier
NovaTech Orion Substation Automation Platform OrionLX DNP Slave versions 1.23.10 and earlier
NovaTech Orion5/Orion5r DNP Master versions 1.27.38 and earlier
NovaTech Orion5/Orion5r DNP Slave versions 1.23.10 and earlier
Description
The issue allows remote attackers to cause a denial of service, resulting in a driver crash and process restart, via a crafted DNP3 TCP packet.
Recommendations
For NovaTech Orion Substation Automation Platform OrionLX DNP Master version 1.27.38 and earlier, update to a version that fixes the issue.
For NovaTech Orion Substation Automation Platform OrionLX DNP Slave version 1.23.10 and earlier, update to a version that fixes the issue.
For NovaTech Orion5/Orion5r DNP Master version 1.27.38 and earlier, update to a version that fixes the issue.
For NovaTech Orion5/Orion5r DNP Slave version 1.23.10 and earlier, update to a version that fixes the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Orion5/Orion5R Dnp Master
Orion5/Orion5R Dnp Slave
Orionlx Dnp Master
Orionlx Dnp Slave