cbcvebase.
CVE-2013-2823
published 2013-11-22

CVE-2013-2823: The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP…

PriorityP416medium4.7CVSS 2.0
AVLACMAuNCNINAC
EPSS
0.76%
50.7th percentile
The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.

Affected

10 ranges
VendorProductVersion rangeFixed in
catapultsoftwarecatapult_dnp3_i_o_driver<= 7.20.56
geintelligent_platforms_proficy_dnp3_i_o_driver<= 7.20
geintelligent_platforms_proficy_dnp3_i_o_driver
geintelligent_platforms_proficy_hmi_scada_cimplicity
geintelligent_platforms_proficy_hmi_scada_cimplicity
geintelligent_platforms_proficy_hmi_scada_cimplicity
geintelligent_platforms_proficy_hmi_scada_cimplicity
geintelligent_platforms_proficy_hmi_scada_cimplicity
geintelligent_platforms_proficy_hmi_scada_ifix
geintelligent_platforms_proficy_hmi_scada_ifix
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.