{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"ePAQ-9410 Substation Gateway","vendor":"CG Automation","versions":[{"status":"affected","version":"all versions"}]}],"credits":[{"lang":"en","type":"finder","value":"Adam Crain of Automatak"},{"lang":"en","type":"finder","value":"Chris Sistrunk of Mandiant"}],"datePublic":"2014-08-26T06:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>\nThe CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation\n Gateway products, does not validate input correctly. An attacker could \ncause the software to go into an infinite loop, causing the process to \ncrash. The system must be restarted manually to clear the condition.\n\n</p>"}],"value":"The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation\n Gateway products, does not validate input correctly. An attacker could \ncause the software to go into an infinite loop, causing the process to \ncrash. The system must be restarted manually to clear the condition."}],"metrics":[{"cvssV2_0":{"accessComplexity":"MEDIUM","accessVector":"LOCAL","authentication":"NONE","availabilityImpact":"COMPLETE","baseScore":4.7,"confidentialityImpact":"NONE","integrityImpact":"NONE","vectorString":"AV:L/AC:M/Au:N/C:N/I:N/A:C","version":"2.0"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert","dateUpdated":"2025-09-19T18:58:30.389Z"},"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-01"},{"url":"http://mail.cgautomationusa.com/login.aspx"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>CG Automation has fixed this vulnerability with updated software. \nUsers may obtain the updated software by downloading from this web \naddress:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"http://mail.cgautomationusa.com/login.aspx\">http://mail.cgautomationusa.com/login.aspx</a></p>\n\n<br>"}],"value":"CG Automation has fixed this vulnerability with updated software. \nUsers may obtain the updated software by downloading from this web \naddress:  http://mail.cgautomationusa.com/login.aspx"}],"source":{"advisory":"ICSA-14-238-01","discovery":"EXTERNAL"},"title":"CG Automation ePAQ-9410 Substation Gateway Improper Input Validation","x_generator":{"engine":"Vulnogram 0.2.0"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2014-0761","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://ics-cert.us-cert.gov/advisories/ICSA-14-238-01","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSA-14-238-01"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T09:27:19.483Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://ics-cert.us-cert.gov/advisories/ICSA-14-238-01"}]}]},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2014-0762","datePublished":"2014-08-28T01:00:00.000Z","dateReserved":"2014-01-02T00:00:00.000Z","dateUpdated":"2025-09-19T18:58:30.389Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}