Vulnerability CVE-2013-2789


Published: 2013-08-22

Description:
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line.

Type:

CWE-399

(Resource Management Errors)

Vendor: Kepware
Product: Kepserverex communications platform 
Version:
5.9.170.0
5.8.109.0
5.7.84.0
5.6.122.0
5.5.98.0
5.5.94.0
5.4.135.0
5.4.131.0
5.3.118.0
5.2.133.0
5.11.263.0
5.11.262.0
5.11.250.0
5.10.205.0
5.1.71.0
5.0.1176.0

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://ics-cert.us-cert.gov/advisories/ICSA-13-226-01

Copyright 2019, cxsecurity.com

 

Back to Top