CVE-2013-6143

Published: Jan 31, 2014Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote attackers to cause a denial of service (temporary outage and CPU consumption) via malformed DNP3 traffic.

Affected (2)

Products: Schneider Electric: Telvent Sage 3030 Firmware

Schneider Electric

1 product

Telvent Sage 3030 Firmware

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Telvent Sage 3030 Firmware	Version c3413-500-001d3_p4
Schneider Electric Telvent Sage 3030 Firmware	Version c3413-500-001f0_pb

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-399

References (2)

http://ics-cert.us-cert.gov/advisories/ICSA-14-006-01

Source: ics-cert@hq.dhs.gov

US Government Resource

http://ics-cert.us-cert.gov/advisories/ICSA-14-006-01

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.