ICSA-20-105-03 · Published 2020-04-14 · View on CISA ICS-CERT ↗

Triangle MicroWorks SCADA Data Gateway

CVSS 9.8 CRITICAL

Risk Summary

These vulnerabilities allow remote attackers to execute arbitrary code and disclose on affected installations of Triangle Microworks SCADA Data Gateway with DNP3 Outstation channels. Authentication is not required to exploit these vulnerabilities.

CVEs (3)

CVE-2020-10615 CVE-2020-10613 CVE-2020-10611

Remediations

Triangle Microworks recommends users update to Version 4.0.123
Please contact Triangle MicroWorks support for additional details.

Affected Vendors

Triangle MicroWorks

Affected Products (1)

Triangle MicroWorks · SCADA Data Gateway >= 2.41.0213 | <= 4.0.122

Affected Sectors

Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more