Details of VAR-201311-0065

ID

VAR-201311-0065

CVE

CVE-2013-2823

TITLE

Catapult Software DNP3 Driver Local Denial of Service Vulnerability

Trust: 0.8

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14628

DESCRIPTION

The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. Catapult Software DNP3 Driver is a power-related industrial control software. The Catapult Software DNP3 drivers used by GE iFIX and CIMPLICITY products fail to properly verify input, allowing local attackers to exploit vulnerabilities to bring software into an infinite loop, crashing the process, and requiring a reboot to get normal functionality. Local attackers can exploit this issue to force the application to enter into an infinite loop, causing denial-of-service conditions

Trust: 2.61

sources: NVD: CVE-2013-2823 // JVNDB: JVNDB-2013-005226 // CNVD: CNVD-2013-14628 // BID: 63812 // IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14628

AFFECTED PRODUCTS

vendor:	intelligent platforms proficy dnp3 i o driver	model:	-	scope:	eq	version:	7.20	Trust: 2.0
vendor:	ge	model:	intelligent platforms proficy dnp3 i\/o driver	scope:	eq	version:	7.20	Trust: 1.6
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.0	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada ifix	scope:	eq	version:	5.1	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	7.5	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada ifix	scope:	eq	version:	5.0	Trust: 1.0
vendor:	catapultsoftware	model:	catapult dnp3 i\/o driver	scope:	lte	version:	7.20.56	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	4.01	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy dnp3 i\/o driver	scope:	lte	version:	7.20	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.2	Trust: 1.0
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.1	Trust: 1.0
vendor:	catapult	model:	dnp3 driver	scope:	lt	version:	7.2.0.60	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada - cimplicity	scope:	eq	version:	8.1 thats all	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada - ifix	scope:	eq	version:	4.0 thats all	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada dnp3 i/o driver	scope:	lt	version:	7.20k	Trust: 0.8
vendor:	catapult	model:	software hmi/scada dnp3 i/o driver	scope:	eq	version:	7.x	Trust: 0.6
vendor:	general	model:	electric proficy hmi/scada ifix	scope:	eq	version:	-0	Trust: 0.3
vendor:	general	model:	electric proficy hmi/scada cimplicity	scope:	eq	version:	-0	Trust: 0.3
vendor:	catapult	model:	software dnp3 driver	scope:	eq	version:	7.20.56	Trust: 0.3
vendor:	catapult	model:	software dnp3 driver	scope:	ne	version:	7.20.60	Trust: 0.3
vendor:	catapult dnp3 i o driver	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	intelligent platforms proficy dnp3 i o driver	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	4.01	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	7.5	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.0	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada ifix	model:	-	scope:	eq	version:	5.0	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada ifix	model:	-	scope:	eq	version:	5.1	Trust: 0.2

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14628 // BID: 63812 // JVNDB: JVNDB-2013-005226 // CNNVD: CNNVD-201311-335 // NVD: CVE-2013-2823

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-2823
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-2823
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2013-14628
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201311-335
value:	MEDIUM
Trust: 0.6
IVD:	75e7bd14-2352-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2013-2823
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-14628
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	75e7bd14-2352-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14628 // JVNDB: JVNDB-2013-005226 // CNNVD: CNNVD-201311-335 // NVD: CVE-2013-2823

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2013-005226 // NVD: CVE-2013-2823

THREAT TYPE

local

Trust: 0.9

sources: BID: 63812 // CNNVD: CNNVD-201311-335

TYPE

Input validation

Trust: 0.8

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201311-335

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005226

PATCH

title:	DNP3	url:	http://www.catapultsoftware.com/product?id=625027c2-709e-47a2-bfe2-7f5efa38b51f	Trust: 0.8
title:	KB15805	url:	http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15805	Trust: 0.8
title:	GEIP13-04	url:	http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15805/en_US/GEIP13-04%20Security%20Advisory%20-%20Proficy%20HMI%20SCADA%20DNP3%20Driver%20from%20Catapult%20Software.pdf	Trust: 0.8
title:	Patch for Catapult Software DNP3 Driver Local Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/41212	Trust: 0.6

sources: CNVD: CNVD-2013-14628 // JVNDB: JVNDB-2013-005226

EXTERNAL IDS

db:	NVD	id:	CVE-2013-2823	Trust: 3.5
db:	ICS CERT	id:	ICSA-13-297-02	Trust: 3.3
db:	ICS CERT	id:	ICSA-13-297-01	Trust: 2.7
db:	BID	id:	63812	Trust: 1.5
db:	CNVD	id:	CNVD-2013-14628	Trust: 0.8
db:	CNNVD	id:	CNNVD-201311-335	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-005226	Trust: 0.8
db:	IVD	id:	75E7BD14-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 75e7bd14-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14628 // BID: 63812 // JVNDB: JVNDB-2013-005226 // CNNVD: CNNVD-201311-335 // NVD: CVE-2013-2823

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-13-297-02	Trust: 3.3
url:	http://ics-cert.us-cert.gov/advisories/icsa-13-297-01	Trust: 2.7
url:	http://support.ge-ip.com/support/resources/sites/ge_fanuc_support/content/live/kb/15000/kb15805/en_us/geip13-04%20security%20advisory%20-%20proficy%20hmi%20scada%20dnp3%20driver%20from%20catapult%20software.pdf	Trust: 1.6
url:	http://support.ge-ip.com/support/index?page=kbchannel&id=s:kb15805	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2823	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2823	Trust: 0.8
url:	http://www.securityfocus.com/bid/63812	Trust: 0.6
url:	http://catapultsoftware.com/	Trust: 0.3

sources: CNVD: CNVD-2013-14628 // BID: 63812 // JVNDB: JVNDB-2013-005226 // CNNVD: CNNVD-201311-335 // NVD: CVE-2013-2823

CREDITS

Adam Crain of Automatak and Chris Sistrunk

Trust: 0.9

sources: BID: 63812 // CNNVD: CNNVD-201311-335

SOURCES

db:	IVD	id:	75e7bd14-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-14628
db:	BID	id:	63812
db:	JVNDB	id:	JVNDB-2013-005226
db:	CNNVD	id:	CNNVD-201311-335
db:	NVD	id:	CVE-2013-2823

LAST UPDATE DATE

2024-08-14T14:40:24.947000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-14628	date:	2013-11-22T00:00:00
db:	BID	id:	63812	date:	2013-11-19T00:00:00
db:	JVNDB	id:	JVNDB-2013-005226	date:	2013-11-25T00:00:00
db:	CNNVD	id:	CNNVD-201311-335	date:	2013-11-22T00:00:00
db:	NVD	id:	CVE-2013-2823	date:	2013-11-22T13:38:04.977

SOURCES RELEASE DATE

db:	IVD	id:	75e7bd14-2352-11e6-abef-000c29c66e3d	date:	2013-11-22T00:00:00
db:	CNVD	id:	CNVD-2013-14628	date:	2013-11-22T00:00:00
db:	BID	id:	63812	date:	2013-11-19T00:00:00
db:	JVNDB	id:	JVNDB-2013-005226	date:	2013-11-25T00:00:00
db:	CNNVD	id:	CNNVD-201311-335	date:	2013-11-22T00:00:00
db:	NVD	id:	CVE-2013-2823	date:	2013-11-22T01:55:03.917