ICSA-13-297-02 · Published 2025-06-06
GE Proficy DNP3 Improper Input Validation
CVSS 7.1 HIGH
CVEs (2)
Remediations
- GE has provided the following mitigations: Installing Version 7.20k (Catapult v7.2.0.60) of the DNP driver or newer will address this issue. To obtain the latest version of any I/O driver, visit GE’s Web site at (http://support.ge-ip.com) and in the right column look for “Quick Picks” > “Downloads” > “I/O Drivers.” DNP Distributed Network Protocol 3.0 v7.xx I/O Driver: (http://support.ge-ip.com/support/index?page=dwchannel&comp=iodetail&id=DG309)
- For the GE Security Advisory on this issue: (http://support.ge-ip.com/support/index?page=kbchannel&id=KB15805)
- In addition, the driver update is also available from Catapult Software at (http://catapultsoftware.com/support)
- The researchers suggest using an IPS or firewall with DNP3-specific rule sets to block DNP3 traffic from traversing onto business or corporate networks, as an additional layer of protection.
Affected Vendors
GE
Affected Products (2)
- GE · Proficy human-machine interface/supervisory control and data acquisition (HMI/SCADA) DNP3 I/O Driver (“DNP”) · <=7.20j_Catapult_v7.2.0.56
- GE · Proficy HMI/SCADA—iFIX or CIMPLICITY servers with the vulnerable I/O Driver installed (this includes iFIX or CIMPLICITY installations that are part of Proficy Process Systems) · vers:all/*