Vulnerability Description
Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | 12400 Level Transmitter Device Type Manager | 1.00.0 |
| Ge | Svi Ii Ap Positioner Device Type Manager | 2.00.1 |
| Ge | Vector Device Type Manager | 1.00.0 |
| Mactek | Bullet Device Type Manager | 1.00.0 |
Related Weaknesses (CWE)
References
- http://www.geoilandgas.com/securityadvisoryVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-15-036-01Third Party AdvisoryUS Government Resource
- http://www.geoilandgas.com/securityadvisoryVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-15-036-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2014-9203?
CVE-2014-9203 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.0...
How severe is CVE-2014-9203?
CVE-2014-9203 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-9203?
Check the references section above for vendor advisories and patch information. Affected products include: Ge 12400 Level Transmitter Device Type Manager, Ge Svi Ii Ap Positioner Device Type Manager, Ge Vector Device Type Manager, Mactek Bullet Device Type Manager.