NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attackers to cause a denial of service (driver crash and process restart) via a crafted DNP3 TCP packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novatech | orion5_dnp_master | 1.27.38 |
| novatech | orion5r_dnp_slave | 1.23.10 |
| novatech | orion5r_dnp_master | 1.27.38 |
| novatech | orionlx_dnp_master | 1.27.38 |
| novatech | orion5_dnp_slave | 1.23.10 |
| novatech | orionlx_dnp_slave | 1.23.10 |
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service (driver crash and process restart) via crafted input over a serial line.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novatech | orion5_dnp_master | 1.27.38 |
| novatech | orion5r_dnp_slave | 1.23.10 |
| novatech | orion5r_dnp_master | 1.27.38 |
| novatech | orionlx_dnp_master | 1.27.38 |
| novatech | orion5_dnp_slave | 1.23.10 |
| novatech | orionlx_dnp_slave | 1.23.10 |