CVE-2013-2794
published 2013-09-09CVE-2013-2794: Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000…
PriorityP416medium4.9CVSS 2.0
AVLACLAuNCNINAC
EPSS
0.32%
23.3th percentile
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
Affected
73 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | ansi_c_source_code_libraries | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | net_communication_protocol_components | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
| trianglemicroworks | scada_data_gateway | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-c76r-3279-x52m: Triangle MicroWorks SCADA Data Gateway 2
ghsa_unreviewed·2022-05-17
CVE-2013-2794 [MEDIUM] CWE-119 GHSA-c76r-3279-x52m: Triangle MicroWorks SCADA Data Gateway 2
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
CISA ICS
Triangle MicroWorks Improper Input Validation
cisa_ics·2022-10-27
Triangle MicroWorks Improper Input Validation
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Triangle MicroWorks Improper Input Validation
Last RevisedOctober 27, 2022
Alert CodeICSA-13-240-01
## OVERVIEW
Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in multiple Triangle MicroWorks’ products and third‑party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. Adam Crain has tested the update to validate that it resolves the vulnerability.
This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following Triangle MicroWorks products are
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2013-09-09
Published