Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    8 vulnerabilities by triplc

    VAR-201307-0317

    Vulnerability from variot - Updated: 2023-12-18 14:06

    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502. The Triangle Research Nano-10 PLC is a controller for automated manufacturing. Attack, you need to manually restart to get normal functionality. Nano-10 PLC is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected device to crash, denying service to legitimate users. Nano-10 PLC running firmware versions prior to r81 are vulnerable. http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsq24002

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201307-0317",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "nano-10 plc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "triplc",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "triplc",
            "version": "r80"
          },
          {
            "model": "nano-10 plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "triangle research",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "triangle research",
            "version": "r81"
          },
          {
            "model": "research international inc nano-10 plc r81",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "triangle",
            "version": null
          },
          {
            "model": "r80",
            "scope": null,
            "trust": 0.2,
            "vendor": "nano 10 plc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "nano 10 plc",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:triplc:nano-10_plc_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "r80",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:triplc:nano-10_plc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Jon Christmas of Solera Networks",
        "sources": [
          {
            "db": "BID",
            "id": "61024"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-2784",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2013-2784",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-09204",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "dd488970-2352-11e6-abef-000c29c66e3d",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-62786",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-2784",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-09204",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201307-217",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "dd488970-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-62786",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502. The Triangle Research Nano-10 PLC is a controller for automated manufacturing. Attack, you need to manually restart to get normal functionality. Nano-10 PLC is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected device to crash, denying service to legitimate users. \nNano-10 PLC running firmware versions prior to r81 are vulnerable. \nhttp://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026amp;bugId=CSCsq24002",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "BID",
            "id": "61024"
          },
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          }
        ],
        "trust": 2.7
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-62786",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-2784",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-189-02",
            "trust": 3.4
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "61024",
            "trust": 0.4
          },
          {
            "db": "IVD",
            "id": "DD488970-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "26802",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-80426",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "122395",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "db": "BID",
            "id": "61024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "id": "VAR-201307-0317",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          }
        ],
        "trust": 1.8166666999999999
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          }
        ]
      },
      "last_update_date": "2023-12-18T14:06:15.729000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Nano-10",
            "trust": 0.8,
            "url": "http://www.tri-plc.com/nano10.htm"
          },
          {
            "title": "Triangle Research Nano-10 PLC Specialized Packet Denial of Service Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/35022"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-189-02"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2784"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2784"
          },
          {
            "trust": 0.3,
            "url": "http://www.tri-plc.com/nano10.htm"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "db": "BID",
            "id": "61024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "db": "BID",
            "id": "61024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-07-10T00:00:00",
            "db": "IVD",
            "id": "dd488970-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-07-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "date": "2013-07-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "date": "2013-07-08T00:00:00",
            "db": "BID",
            "id": "61024"
          },
          {
            "date": "2013-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "date": "2013-07-10T22:55:03.483000",
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "date": "2013-07-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-07-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-09204"
          },
          {
            "date": "2013-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-62786"
          },
          {
            "date": "2013-09-28T00:13:00",
            "db": "BID",
            "id": "61024"
          },
          {
            "date": "2013-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          },
          {
            "date": "2013-07-11T04:00:00",
            "db": "NVD",
            "id": "CVE-2013-2784"
          },
          {
            "date": "2021-11-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Triangle Research International Nano-10 PLC Service disruption on devices  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003329"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-217"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201310-0348

    Vulnerability from variot - Updated: 2023-12-18 13:20

    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502. The Nano-10 PLC has an input verification vulnerability that allows an attacker to use the vulnerability to send a special message to the Nano-10 PLC for a denial of service attack, which can cause the device to run in an undefined interrupt state and need to be restarted to restore normal functionality. The Triangle Research Nano-10 PLC is a controller for automated manufacturing. This vulnerability can be triggered when the firmware is processing a special length (over 0x200) MODBUS TCP message on TCP port 502. Nano-10 PLC is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected device to crash, denying service to legitimate users. Nano-10 PLC running firmware r81 and prior are vulnerable. This product is usually used in automatic production equipment such as packaging machines, batching machines, etc

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0348",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "nano-10 plc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "triplc",
            "version": "r80"
          },
          {
            "model": "nano-10 plc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "triplc",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "triplc",
            "version": "r81"
          },
          {
            "model": "research international inc nano-10 plc r81",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "triangle",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": null,
            "trust": 0.8,
            "vendor": "triangle research",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "triangle research",
            "version": "r81"
          },
          {
            "model": "research international inc nano-10 plc",
            "scope": null,
            "trust": 0.6,
            "vendor": "triangle",
            "version": null
          },
          {
            "model": "nano-10 plc",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "triplc",
            "version": "r81"
          },
          {
            "model": "r80",
            "scope": null,
            "trust": 0.2,
            "vendor": "nano 10 plc",
            "version": null
          },
          {
            "model": "r81",
            "scope": null,
            "trust": 0.2,
            "vendor": "nano 10 plc",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "nano 10 plc",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:triplc:nano-10_plc_firmware:r80:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:triplc:nano-10_plc_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "r81",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:triplc:nano-10_plc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wei Gao of Ixia.",
        "sources": [
          {
            "db": "BID",
            "id": "63272"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2013-5741",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2013-5741",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-13985",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-13485",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "87eac04c-2352-11e6-abef-000c29c66e3d",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "53d04baa-1f07-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-65743",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-5741",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-13985",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-13485",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201310-561",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "87eac04c-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "53d04baa-1f07-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65743",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502. The Nano-10 PLC has an input verification vulnerability that allows an attacker to use the vulnerability to send a special message to the Nano-10 PLC for a denial of service attack, which can cause the device to run in an undefined interrupt state and need to be restarted to restore normal functionality. The Triangle Research Nano-10 PLC is a controller for automated manufacturing. This vulnerability can be triggered when the firmware is processing a special length (over 0x200) MODBUS TCP message on TCP port 502. Nano-10 PLC is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected device to crash, denying service to legitimate users. \nNano-10 PLC running firmware r81 and prior are vulnerable. This product is usually used in automatic production equipment such as packaging machines, batching machines, etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "BID",
            "id": "63272"
          },
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          }
        ],
        "trust": 3.42
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5741",
            "trust": 3.6
          },
          {
            "db": "OSVDB",
            "id": "97728",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "63272",
            "trust": 1.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-329-01",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "87EAC04C-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "53D04BAA-1F07-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "db": "BID",
            "id": "63272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "id": "VAR-201310-0348",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          }
        ],
        "trust": 2.65833335
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.6
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:20:05.083000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Nano-10",
            "trust": 0.8,
            "url": "http://www.tri-plc.com/nano10.htm"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
          },
          {
            "trust": 2.3,
            "url": "http://osvdb.org/ref/97/tri-nano10.txt"
          },
          {
            "trust": 1.7,
            "url": "http://www.osvdb.org/97728"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5741"
          },
          {
            "trust": 0.8,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-329-01"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5741"
          },
          {
            "trust": 0.6,
            "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/63272"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "db": "BID",
            "id": "63272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-10-24T00:00:00",
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-10-09T00:00:00",
            "db": "IVD",
            "id": "53d04baa-1f07-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-10-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "date": "2013-10-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "date": "2013-10-22T00:00:00",
            "db": "BID",
            "id": "63272"
          },
          {
            "date": "2013-10-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "date": "2013-10-29T03:42:33.603000",
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "date": "2013-10-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-10-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          },
          {
            "date": "2013-10-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13485"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65743"
          },
          {
            "date": "2013-11-27T00:14:00",
            "db": "BID",
            "id": "63272"
          },
          {
            "date": "2013-11-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004934"
          },
          {
            "date": "2013-10-29T20:56:25.463000",
            "db": "NVD",
            "id": "CVE-2013-5741"
          },
          {
            "date": "2013-10-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Nano-10 PLC Remote Denial of Service Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13985"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation",
        "sources": [
          {
            "db": "IVD",
            "id": "87eac04c-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-561"
          }
        ],
        "trust": 0.8
      }
    }

    CVE-2013-6927 (GCVE-0-2013-6927)

    Vulnerability from cvelistv5 – Published: 2020-02-13 22:51 – Updated: 2024-08-06 17:53
    VLAI
    Summary
    Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/64192 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2013-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:53:44.860Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "64192",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/64192"
              },
              {
                "name": "90077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T22:51:25.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "64192",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/64192"
            },
            {
              "name": "90077",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6927",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "64192",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/64192"
                },
                {
                  "name": "90077",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6927",
        "datePublished": "2020-02-13T22:51:25.000Z",
        "dateReserved": "2013-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:53:44.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5741 (GCVE-0-2013-5741)

    Vulnerability from cvelistv5 – Published: 2013-10-29 01:00 – Updated: 2024-09-17 01:56
    VLAI
    Summary
    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:22:30.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
              },
              {
                "name": "97728",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/97728"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/ref/97/tri-nano10.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-29T01:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
            },
            {
              "name": "97728",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/97728"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://osvdb.org/ref/97/tri-nano10.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5741",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/",
                  "refsource": "MISC",
                  "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
                },
                {
                  "name": "97728",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/97728"
                },
                {
                  "name": "http://osvdb.org/ref/97/tri-nano10.txt",
                  "refsource": "MISC",
                  "url": "http://osvdb.org/ref/97/tri-nano10.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5741",
        "datePublished": "2013-10-29T01:00:00.000Z",
        "dateReserved": "2013-09-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:56:50.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2784 (GCVE-0-2013-2784)

    Vulnerability from cvelistv5 – Published: 2013-07-10 22:00 – Updated: 2024-09-16 22:55
    VLAI
    Summary
    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-10T22:00:00.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2013-2784",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2013-2784",
        "datePublished": "2013-07-10T22:00:00.000Z",
        "dateReserved": "2013-04-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:55:39.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6927 (GCVE-0-2013-6927)

    Vulnerability from nvd – Published: 2020-02-13 22:51 – Updated: 2024-08-06 17:53
    VLAI
    Summary
    Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/64192 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2013-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:53:44.860Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "64192",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/64192"
              },
              {
                "name": "90077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T22:51:25.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "64192",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/64192"
            },
            {
              "name": "90077",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6927",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "64192",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/64192"
                },
                {
                  "name": "90077",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90077"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6927",
        "datePublished": "2020-02-13T22:51:25.000Z",
        "dateReserved": "2013-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:53:44.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5741 (GCVE-0-2013-5741)

    Vulnerability from nvd – Published: 2013-10-29 01:00 – Updated: 2024-09-17 01:56
    VLAI
    Summary
    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:22:30.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
              },
              {
                "name": "97728",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/97728"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/ref/97/tri-nano10.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-29T01:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
            },
            {
              "name": "97728",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/97728"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://osvdb.org/ref/97/tri-nano10.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5741",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port 502."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/",
                  "refsource": "MISC",
                  "url": "http://blogs.ixiacom.com/ixia-blog/hack-scada-zero-day-vulnerability-discovery-on-the-nano-10-plc/"
                },
                {
                  "name": "97728",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/97728"
                },
                {
                  "name": "http://osvdb.org/ref/97/tri-nano10.txt",
                  "refsource": "MISC",
                  "url": "http://osvdb.org/ref/97/tri-nano10.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5741",
        "datePublished": "2013-10-29T01:00:00.000Z",
        "dateReserved": "2013-09-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:56:50.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2784 (GCVE-0-2013-2784)

    Vulnerability from nvd – Published: 2013-07-10 22:00 – Updated: 2024-09-16 22:55
    VLAI
    Summary
    Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-10T22:00:00.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2013-2784",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2013-2784",
        "datePublished": "2013-07-10T22:00:00.000Z",
        "dateReserved": "2013-04-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:55:39.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }