Lucene search

[email protected]NVD:CVE-2013-5741

HistoryOct 29, 2013 - 3:42 a.m.

CVE-2013-5741

2013-10-2903:42:33

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.012

Percentile

85.7%

JSON

Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502.

Affected configurations

Nvd

Node

triplcnano-10_plc_firmwareRange≤r81

triplcnano-10_plc_firmwareMatchr80

AND

triplcnano-10_plcMatch-

VendorProductVersionCPE
triplcnano-10_plc_firmware*cpe:2.3:o:triplc:nano-10_plc_firmware:*:*:*:*:*:*:*:*
triplcnano-10_plc_firmwarer80cpe:2.3:o:triplc:nano-10_plc_firmware:r80:*:*:*:*:*:*:*
triplcnano-10_plc-cpe:2.3:h:triplc:nano-10_plc:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
triplc	nano-10_plc_firmware	*	cpe:2.3:o:triplc:nano-10_plc_firmware::::::::
triplc	nano-10_plc_firmware	r80	cpe:2.3:o:triplc:nano-10_plc_firmware:r80:::::::*
triplc	nano-10_plc	-	cpe:2.3:h:triplc:nano-10_plc:-:::::::*

References

blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/

osvdb.org/ref/97/tri-nano10.txt

www.osvdb.org/97728

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.012

Percentile

85.7%

JSON

Related for NVD:CVE-2013-5741

ics1 prion1 cve1 cvelist1