CVE-2013-2811

Published Nov 22, 2013

Last updated 11 years ago

Overview

Description: The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:catapultsoftware:catapult_dnp3_i\\/o_driver:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D4D11DB-CF90-4ADD-AB95-9815FC90F97B",
            "versionEndIncluding": "7.20.56"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:*:j:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FBAD16C-05F0-4D83-8FE7-F3FD0E2B75C7",
            "versionEndIncluding": "7.20"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92C2AB50-34CB-4296-8CCE-B98026DB4F0E"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BE9590D-9264-4942-A18C-8629420FBB24"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A013ED7F-92C1-42C4-A6AB-4A419BA11611"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7AE477-C0A4-497E-8F7B-9D656DC41B2F"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8AECEB6-867F-4796-B56C-C3C8BC53D691"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:e:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ABC3786-A578-4BF3-AF3D-A470BD7565CB"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:f:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "142CA198-EF41-4FFD-BB40-F9B41C4841F2"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:g:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F058E97B-0B63-4059-968D-9D282570283B"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:h:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED4490C3-8CE5-4715-8E19-1793ED16354D"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\\/o_driver:7.20:i:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91B378AA-1AFA-44D7-8403-C898C3DAE85D"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:4.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C0B8CA7-2161-4603-B844-DE6C079DF36F"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3BACB11-5CD3-4CA6-9C56-D71628CADF0F"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90538C50-38BD-4EE5-BD30-96E2E2951FE3"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB261867-B9B1-4D3D-B2DE-3CC3164EFD06"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "559DCD7A-0745-4D4C-A77A-83240EF6C510"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65A4CBC3-3B98-4700-8710-4D4FFCA55315"
          },
          {
            "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ABA340B-B00B-41EC-8270-68139B63D09A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References