CVE-2014-2357 (GCVE-0-2014-2357)
Vulnerability from cvelistv5
Published
2014-08-11 22:00
Modified
2025-10-03 17:14
Severity ?
CWE
Summary
The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message.
References
ics-cert@hq.dhs.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-14-196-01
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-14-196-01US Government Resource
Impacted products
Vendor Product Version
SUBNET SubSTATION Server 2 Telegyr 8979 Master Protocol Version: all versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:14:25.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-196-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SubSTATION Server 2 Telegyr 8979 Master Protocol",
          "vendor": "SUBNET",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Adam Crain of Automatak and Chris Sistrunk of Mandiant"
        }
      ],
      "datePublic": "2014-07-31T06:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message.\u003c/p\u003e"
            }
          ],
          "value": "The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message."
        }
      ],
      "metrics": [
        {
          "cvssV2_0": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T17:14:03.235Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-196-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSUBNET has produced hot fix \u201cSSNET v2.12 HF18808\u201d to resolve this issue.\u003c/p\u003e\u003cp\u003eThis hot fix can be obtained by secure FTP provided by the SUBNET \nsupport department. Please contact SUBNET Customer Support at: (403) \n270-8885, or by email at: \u003ca target=\"_blank\" rel=\"nofollow\"\u003esupport@SUBNET.com\u0026nbsp;\u003c/a\u003eand reference SUBNET Release Bulletin \u201cSubSTATION Server 2.12 HF18808 \nRelease, 21  May 2014\u201d for a copy of this release bulletin and \ndownload/installation information (This bulletin is being sent to \nregistered users only).\u003c/p\u003e\n\u003cp\u003eVendor Recommendation:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe exploit results in an unrecoverable exception, but all software \ncomponents are registered as Services under Windows and can be \nconfigured to automatically restart after any stoppage. Users can \nconfigure the service to automatically restart, which limits the DoS to a\n momentary disruption.\u003c/li\u003e\n\u003cli\u003eBackward compatible releases will be available by request for customers using older versions of SubSTATION Server.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "SUBNET has produced hot fix \u201cSSNET v2.12 HF18808\u201d to resolve this issue.\n\nThis hot fix can be obtained by secure FTP provided by the SUBNET \nsupport department. Please contact SUBNET Customer Support at: (403) \n270-8885, or by email at: support@SUBNET.com\u00a0and reference SUBNET Release Bulletin \u201cSubSTATION Server 2.12 HF18808 \nRelease, 21  May 2014\u201d for a copy of this release bulletin and \ndownload/installation information (This bulletin is being sent to \nregistered users only).\n\n\nVendor Recommendation:\n\n\n\n  *  The exploit results in an unrecoverable exception, but all software \ncomponents are registered as Services under Windows and can be \nconfigured to automatically restart after any stoppage. Users can \nconfigure the service to automatically restart, which limits the DoS to a\n momentary disruption.\n\n  *  Backward compatible releases will be available by request for customers using older versions of SubSTATION Server."
        }
      ],
      "source": {
        "advisory": "ICSA-14-196-01",
        "discovery": "EXTERNAL"
      },
      "title": "SUBNET SubSTATION Server 2 Telegyr 8979 Master Protocol Improper Input Validation",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-2357",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-196-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-196-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-2357",
    "datePublished": "2014-08-11T22:00:00",
    "dateReserved": "2014-03-13T00:00:00",
    "dateUpdated": "2025-10-03T17:14:03.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2357\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2014-08-11T22:55:04.210\",\"lastModified\":\"2025-10-03T18:15:33.907\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message.\"},{\"lang\":\"es\",\"value\":\"La librar\u00eda GPT en la aplicaci\u00f3n Telegyr 8979 Master Protocol en SUBNET SubSTATION Server 2 anterior a SSNET 2.12 HF18808 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de servicio persistente) a trav\u00e9s de un mensaje RTU-to-Master largo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:subnet:substation_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.12\",\"matchCriteriaId\":\"BA1CC6F9-2DA6-43A4-9692-BE0CF0801E9F\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-14-196-01\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-14-196-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.