PT-2014-6467 · Ioserver · Ioserver

Published

2014-10-19

Updated

2014-10-22

CVE-2014-5425

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions IOServer versions before Beta2112.exe

Description The issue allows remote attackers to cause a denial of service through an out-of-bounds read and master entry consumption. This can be achieved via a null DNP3 header.

Recommendations For versions prior to Beta2112.exe, update to Beta2112.exe or later to resolve the issue. As a temporary workaround, consider restricting access to the DNP3 header to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2014-5425

Affected Products

Ioserver

PT-2014-6467 · Ioserver · Ioserver

CVE-2014-5425

Weakness Enumeration

Related Identifiers

Affected Products

References · 2