PT-2015-4158 · Hart+3 · Hart Device Type Manager (Dtm) Library+6
Published
2015-02-07
·
Updated
2015-02-09
·
CVE-2014-9203
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
MACTek Bullet DTM version 1.00.0
GE Vector DTM version 1.00.0
GE SVi1000 Positioner DTM version 1.00.0
GE SVI II AP Positioner DTM version 2.00.1
GE 12400 Level Transmitter DTM version 1.00.0
Description
The issue is related to a buffer overflow in the Field Device Tool (FDT) Frame application within the HART Device Type Manager (DTM) library. This allows remote attackers to cause a denial of service, resulting in a DTM outage, by sending crafted packets.
Recommendations
For MACTek Bullet DTM version 1.00.0, update to a version that addresses the buffer overflow issue.
For GE Vector DTM version 1.00.0, update to a version that addresses the buffer overflow issue.
For GE SVi1000 Positioner DTM version 1.00.0, update to a version that addresses the buffer overflow issue.
For GE SVI II AP Positioner DTM version 2.00.1, update to a version that addresses the buffer overflow issue.
For GE 12400 Level Transmitter DTM version 1.00.0, update to a version that addresses the buffer overflow issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Field Device Tool (Fdt) Frame Application
Ge 12400 Level Transmitter Dtm
Ge Svi Ii Ap Positioner Dtm
Ge Svi1000 Positioner Dtm
Ge Vector Dtm
Hart Device Type Manager (Dtm) Library
Mactek Bullet Dtm