CVE-2014-2345

Name of the Vulnerable Software and Affected Versions COPA-DATA zenon DNP3 NG driver (DNP3 master) versions 7.10 through 7.11 SP0 build 10238 COPA-DATA zenon DNP3 Process Gateway (DNP3 outstation) versions 7.11 SP0 build 10238 and earlier

Description The issue allows remote attackers to cause a denial of service by sending a crafted DNP3 packet over TCP, resulting in an infinite loop and process crash.

Recommendations For COPA-DATA zenon DNP3 NG driver (DNP3 master) versions 7.10 through 7.11 SP0 build 10238, update to a version that includes a fix for this issue. For COPA-DATA zenon DNP3 Process Gateway (DNP3 outstation) versions 7.11 SP0 build 10238 and earlier, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to the DNP3 protocol to minimize the risk of exploitation.