MidnightBSD

Advisories for alstom

CVE-2013-2786 MEDIUM

Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
alstom micom_s1_agile *
alstom micom_s1_studio -
CVE-2013-2787 HIGH

Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
alstom e-terracontrol 3.7
alstom e-terracontrol 3.5
alstom e-terracontrol 3.6
CVE-2013-2818 MEDIUM

The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service (infinite loop and DNP3 service disruption) via crafted input over a serial line.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
alstom e-terracontrol 3.7
alstom e-terracontrol 3.5
alstom e-terracontrol 3.6