Ansi C Source Code Libraries
CVE-2013-2794
MEDIUM
Severity by source
AV:L/AC:L/Au:N/C:N/I:N/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:L/Au:N/C:N/I:N/A:C
Lifecycle Timeline
1DescriptionCVE.org
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
AnalysisAI
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. Affected products include: Trianglemicroworks Ansi C Source Code Libraries, Trianglemicroworks .Net Communication Protocol Components, Trianglemicroworks Scada Data Gateway. Version information: through 3.00.0616.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Ansi C Source Code Libraries
View allSame weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today