Vulnerability Description
The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation Gateway products, does not validate input correctly. An attacker could cause the software to go into an infinite loop, causing the process to crash. The system must be restarted manually to clear the condition.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qeiinc | Epaq-9410 Substation Gateway | - |
Related Weaknesses (CWE)
References
- http://mail.cgautomationusa.com/login.aspx
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-01
- https://ics-cert.us-cert.gov/advisories/ICSA-14-238-01US Government Resource
FAQ
What is CVE-2014-0762?
CVE-2014-0762 is a vulnerability with a CVSS score of 4.7 (MEDIUM). The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation Gateway products, does not validate input correctly. An attacker could cause the software to go into an infinite loop, causin...
How severe is CVE-2014-0762?
CVE-2014-0762 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0762?
Check the references section above for vendor advisories and patch information. Affected products include: Qeiinc Epaq-9410 Substation Gateway.