ICSA-13-346-01
·
Published 2025-06-06
·
View on CISA ICS-CERT ↗
Cooper Power Systems Improper Input Validation Vulnerability
CVSS 7.1
HIGH
CVEs (2)
Remediations
- Cooper Power Systems has produced a new version of the SMP Gateway firmware that mitigates all the affected products and is available for download from the customer support Web portal. For additional information, please contact a customer support representative at (mailto:[email protected]).
- In addition, Cooper Power Systems recommends the following mitigation measure: Users of the SMP Gateway should ensure that slave connections are configured to only accept connections from specific IP addresses or address ranges.
- The security researchers suggest the following mitigation: Block DNP3 traffic from traversing onto business or corporate networks through the use of an IPS or firewall with DPN3-specific rule sets.
Affected Vendors
Cooper Power Systems
Affected Products (3)
Cooper Power Systems
·
SMP 16 Gateway (Data Concentrator)
vers:all/*
Cooper Power Systems
·
SMP 4 Gateway (Data Concentrator)
vers:all/*
Cooper Power Systems
·
SMP 4/DP Gateway (Data Concentrator)
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more