Sign-up

ID

VAR-201312-0501


CVE

CVE-2013-7059


TITLE

Nano-10 PLC Remote Denial of Service Vulnerability (CNVD-2013-15610)

Trust: 0.6

sources: CNVD: CNVD-2013-15610

DESCRIPTION

The Nano-10 PLC is a programmable logic controller. A remote denial of service vulnerability exists in the implementation of the Nano-10 PLC r82. An attacker could exploit this vulnerability to cause the affected device to crash. Nano-10 PLC running firmware prior to r82 are vulnerable. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided

Trust: 0.99

sources: CNVD: CNVD-2013-15610 // BID: 64527 // IVD: 67cbca18-2352-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 67cbca18-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-15610

AFFECTED PRODUCTS

vendor:trianglemodel:research international inc nano-10 plc r81scope:ltversion: -

Trust: 0.8

vendor:trianglemodel:research international inc nano-10 plc r81scope: - version: -

Trust: 0.3

vendor:trianglemodel:research international inc nano-10 plc r80scope: - version: -

Trust: 0.3

vendor:trianglemodel:research international inc nano-10 plc r82scope:neversion: -

Trust: 0.3

sources: IVD: 67cbca18-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-15610 // BID: 64527

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-15610
value: MEDIUM

Trust: 0.6

IVD: 67cbca18-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

CNVD: CNVD-2013-15610
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 67cbca18-2352-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 67cbca18-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-15610

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201401-011

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 64527

PATCH

title:Patch for Nano-10 PLC Remote Denial of Service Vulnerability (CNVD-2013-15610)url:https://www.cnvd.org.cn/patchinfo/show/42035

Trust: 0.6

sources: CNVD: CNVD-2013-15610

EXTERNAL IDS

db:NVDid:CVE-2013-7059

Trust: 1.7

db:BIDid:64527

Trust: 1.5

db:CNVDid:CNVD-2013-15610

Trust: 0.8

db:CNNVDid:CNNVD-201401-011

Trust: 0.8

db:IVDid:67CBCA18-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: 67cbca18-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-15610 // BID: 64527 // CNNVD: CNNVD-201401-011

REFERENCES

url:http://www.securityfocus.com/bid/64527

Trust: 1.2

url:http://www.tri-plc.com/nano10.htm

Trust: 0.3

sources: CNVD: CNVD-2013-15610 // BID: 64527 // CNNVD: CNNVD-201401-011

CREDITS

Wei Gao of Ixia.

Trust: 0.9

sources: BID: 64527 // CNNVD: CNNVD-201401-011

SOURCES

db:IVDid:67cbca18-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-15610
db:BIDid:64527
db:CNNVDid:CNNVD-201401-011

LAST UPDATE DATE

2022-05-04T09:44:17.909000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-15610date:2013-12-31T00:00:00
db:BIDid:64527date:2013-12-12T00:00:00
db:CNNVDid:CNNVD-201401-011date:2014-01-03T00:00:00

SOURCES RELEASE DATE

db:IVDid:67cbca18-2352-11e6-abef-000c29c66e3ddate:2013-12-31T00:00:00
db:CNVDid:CNVD-2013-15610date:2013-12-30T00:00:00
db:BIDid:64527date:2013-12-12T00:00:00
db:CNNVDid:CNNVD-201401-011date:2013-12-12T00:00:00