CVE-2014-5429
published 2014-12-06CVE-2014-5429: DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.36%
68.2th percentile
DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elipse | e3 | <= 4.6 | — |
| elipse | power | <= 4.6 | — |
| elipse | scada | <= 2.29 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cqq2-prhp-3p28: DNP Master Driver 3
ghsa_unreviewed·2022-05-17
CVE-2014-5429 [MEDIUM] GHSA-cqq2-prhp-3p28: DNP Master Driver 3
DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets.
CISA ICS
Elipse SCADA DNP3 Denial of Service
cisa_ics·2018-09-05
Elipse SCADA DNP3 Denial of Service
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Elipse SCADA DNP3 Denial of Service
Last RevisedSeptember 05, 2018
Alert CodeICSA-14-303-02
## OVERVIEW
This advisory was originally posted to the US-CERT secure Portal library on October 30, 2014, and is being released to the NCCIC/ICS-CERT web site
Independent researchers Adam Crain and Chris Sistrunk have identified a DNP3 denial‑of‑service vulnerability in the Elipse SCADA application. Elipse has produced a new version of the DNP3 driver that mitigates this vulnerability.
This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following Elipse products a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-12-06
Published