Vulnerabilities > CVE-2013-2784 - Cryptographic Issues vulnerability in Triplc Nano-10 PLC and Nano-10 PLC Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Exploit-Db
description | Tri-PLC Nano-10 r81 - Denial of Service. CVE-2013-2784. Dos exploit for hardware platform |
id | EDB-ID:26802 |
last seen | 2016-02-03 |
modified | 2013-07-13 |
published | 2013-07-13 |
reporter | Sapling |
source | https://www.exploit-db.com/download/26802/ |
title | Tri-PLC Nano-10 r81 - Denial of Service |
Packetstorm
data source | https://packetstormsecurity.com/files/download/122395/triplc-dos.txt |
id | PACKETSTORM:122395 |
last seen | 2016-12-05 |
published | 2013-07-14 |
reporter | Sapling |
source | https://packetstormsecurity.com/files/122395/Tri-PLC-Nano-10-r81-Denial-Of-Service.html |
title | Tri-PLC Nano-10 r81 Denial Of Service |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:80426 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-80426 |
title | Tri-PLC Nano-10 r81 - Denial of Service |