← Back to home
ICSA-13-337-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Elecsys Director Gateway Improper Input Validation Vulnerability

CVSS 4.3 MEDIUM

CVEs (1)

Remediations

  • Elecsys has created a patch to mitigate this vulnerability. Customers may obtain this patch by contacting Elecsys customer service at 913-647-0158 or (mailto:[email protected]).
  • Because this vulnerability is identified with fuzzing tools, the researchers suggest developers use extensive negative testing during quality control of products. The researchers also suggest blocking DNP3 traffic from traversing onto business or corporate networks through the use of an IPS or firewall with DNP3-specific rule sets.

Affected Vendors

Elecsys

Affected Products (1)

Elecsys · Elecsys Director DNP3 Outstation, kernel <=2.6.32.11ael1

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more