Unrated severityNVD Advisory· Published Nov 22, 2013· Updated Apr 29, 2026

CVE-2013-2811

Description

The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.

Affected products

Catapultsoftware/Catapult Dnp3 I\/o Driver
cpe:2.3:a:catapultsoftware:catapult_dnp3_i\/o_driver:*:*:*:*:*:*:*:*
Range: <=7.20.56
Ge/Intelligent Platforms Proficy Dnp3 I\/o Driver11 versions
cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:*:j:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:*:j:*:*:*:*:*:*range: <=7.20
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:-:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:a:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:b:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:c:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:d:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:e:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:f:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:g:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:h:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_dnp3_i\/o_driver:7.20:i:*:*:*:*:*:*
Ge/Intelligent Platforms Proficy Hmi\/SCADA Cimplicity5 versions
cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:4.01:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.2:*:*:*:*:*:*:*
Ge/Intelligent Platforms Proficy Hmi\/SCADA Ifix2 versions
cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_ifix:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_ifix:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_ifix:5.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.ge-ip.com/support/indexnvdVendor Advisory
support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15805/en_US/GEIP13-04%20Security%20Advisory%20-%20Proficy%20HMI%20SCADA%20DNP3%20Driver%20from%20Catapult%20Software.pdfnvdVendor Advisory
ics-cert.us-cert.gov/advisories/ICSA-13-297-01nvdUS Government Resource
ics-cert.us-cert.gov/advisories/ICSA-13-297-02nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000