DNP3 Security: Safeguarding Critical Infrastructure

Integration Solutions

Chipkin has integration solutions for almost every situation. We specialize in network protocol communications and have over 20+ years of experience. Click for more information:

Need an integration solution? We can help!

The following links show the list of vulnerabilities to be aware of when using the DNP3 Protocol. Please click on any of the following to get a more in-depth look:

NovaTech Orion DNP3 Improper Input Validation ...

ics-cert.us-cert.gov/advisories/ICSA-13-352-01
Advisory (ICSA-13-352-01) NovaTech Orion DNP3 Improper Input Validation Vulnerability Original release date: December 18, 2013

DNP3 Implementation Vulnerability (Update B) | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-291-01B
Advisory (ICSA-13-291-01B) DNP3 Implementation Vulnerability (Update B) Original release date: April 09, 2014 | Last revised: April 10, 2014

OSIsoft PI Interface for DNP3 Improper Input Validation ...

ics-cert.us-cert.gov/advisories/ICSA-14-098-01
Advisory (ICSA-14-098-01) OSIsoft PI Interface for DNP3 Improper Input Validation Original release date: April 08, 2014 | Last revised: May 06, 2015

Catapult Software DNP3 Driver Improper Input Validation ...

ics-cert.us-cert.gov/advisories/ICSA-13-297-01
Advisory (ICSA-13-297-01) Catapult Software DNP3 Driver Improper Input Validation Original release date: November 19, 2013 | Last revised: December ...

GE Proficy DNP3 Improper Input Validation | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-297-02
The Catapult Software DNP3 driver, used in the GE iFIX and CIMPLICITY products, does not validate input correctly. An attacker could cause the ...

Rockwell Micrologix 1400 DNP3 DOS Vulnerability | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-254-02
Advisory (ICSA-14-254-02) Rockwell Micrologix 1400 DNP3 DOS Vulnerability Original release date: September 30, 2014

Schneider Electric Telvent SAGE RTU DNP3 Improper Input ...

ics-cert.us-cert.gov/advisories/ICSA-14-006-01
Advisory (ICSA-14-006-01) Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability Original release date: January 30, 2014

MatrikonOPC for DNP Unhandled C++ Exception | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-329-01
Advisory (ICSA-14-329-01) MatrikonOPC for DNP Unhandled ... Block DNP3 traffic from traversing onto business or corporate networks through the use of ...

MatrikonOPC SCADA DNP3 Master Station Improper Input ...

ics-cert.us-cert.gov/advisories/ICSA-13-213-04A
Advisory (ICSA-13-213-04A) MatrikonOPC SCADA DNP3 Master Station Improper Input Validation Original release date: August 29, 2013 | Last revised: ...

Advisory (ICSA-13-252-01) - ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-252-01
Advisory (ICSA-13-252-01) SUBNET Solutions Inc. SubSTATION Server DNP3 Outstation Improper Input Validation Original release date: September 09, 2013 ...

IOServer DNP3 Improper Input Validation | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-161-01
Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper input validation in IOServer’s DNP3 driver software.

Advisory (ICSA-13-282-01) Alstom e-Terracontrol DNP3 ...

ics-cert.us-cert.gov/advisories/ICSA-13-282-01A
OVERVIEW. This updated advisory is a follow-up to the original advisory titled ICSA-13-282-01, Alstom e”‘terracontrol DNP3 Master Improper Input ...

GE Proficy HMI/SCADA DNP3 Driver Input Validation | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-287-01
Advisory (ICSA-14-287-01) GE Proficy HMI/SCADA DNP3 Driver Input Validation Original release date: January 13, 2015

Cooper Power Systems Cybectec DNP3 Master OPC Server ...

ics-cert.us-cert.gov/advisories/ICSA-13-346-02
Advisory (ICSA-13-346-02) Cooper Power Systems Cybectec DNP3 Master OPC Server Improper Input Validation Original release date: December 12, 2013 | ...

Elipse SCADA DNP3 Denial of Service | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-303-02
Advisory (ICSA-14-303-02) Elipse SCADA DNP3 Denial of Service Original release date: December 02, 2014

Advisory (ICSA-13-219-01) - ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-219-01
Advisory (ICSA-13-219-01) ... · Block DNP3 traffic from traversing onto business or corporate networks through the use of an IPS or firewall with DPN3 ...

Advisory (ICSA-14-014-01) - ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-014-01
Advisory (ICSA-14-014-01) ... Monitor DNP3 traffic and system Event Journal to detect excessive amounts of traffic/logging that may be representative ...

COPA-DATA Improper Input Validation | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-14-154-01
Advisory (ICSA-14-154-01) COPA-DATA Improper Input Validation Original release date: June 03, 2014. Print Document. Tweet. ... zenon DNP3 Process ...

Triangle MicroWorks Improper Input Validation | ICS-CERT

ics-cert.us-cert.gov/advisories/ICSA-13-240-01
Advisory (ICSA-13-240-01) Triangle MicroWorks Improper Input Validation Original release date: ... DNP3 ANSI C source code libraries, v3.06.0000 ...

| ICS-CERT

ics-cert.us-cert.gov/ics-archive
ICSA-14-287-01: GE Proficy HMI/SCADA DNP3 Driver Input Validation; ... Follow ICS-CERT on Twitter. Follow ICS-CERT on Twitter; Mailing Lists and ...

DNP3 Security: Safeguarding Critical Infrastructure

Integration Solutions

ics-cert.us-cert.gov/advisories/ICSA-13-352-01Advisory (ICSA-13-352-01) NovaTech Orion DNP3 Improper Input Validation Vulnerability Original release date: December 18, 2013

ics-cert.us-cert.gov/advisories/ICSA-13-291-01BAdvisory (ICSA-13-291-01B) DNP3 Implementation Vulnerability (Update B) Original release date: April 09, 2014 | Last revised: April 10, 2014

ics-cert.us-cert.gov/advisories/ICSA-14-098-01Advisory (ICSA-14-098-01) OSIsoft PI Interface for DNP3 Improper Input Validation Original release date: April 08, 2014 | Last revised: May 06, 2015

ics-cert.us-cert.gov/advisories/ICSA-13-297-01Advisory (ICSA-13-297-01) Catapult Software DNP3 Driver Improper Input Validation Original release date: November 19, 2013 | Last revised: December ...

ics-cert.us-cert.gov/advisories/ICSA-13-297-02The Catapult Software DNP3 driver, used in the GE iFIX and CIMPLICITY products, does not validate input correctly. An attacker could cause the ...

ics-cert.us-cert.gov/advisories/ICSA-14-254-02Advisory (ICSA-14-254-02) Rockwell Micrologix 1400 DNP3 DOS Vulnerability Original release date: September 30, 2014

ics-cert.us-cert.gov/advisories/ICSA-14-006-01Advisory (ICSA-14-006-01) Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability Original release date: January 30, 2014

ics-cert.us-cert.gov/advisories/ICSA-14-329-01Advisory (ICSA-14-329-01) MatrikonOPC for DNP Unhandled ... Block DNP3 traffic from traversing onto business or corporate networks through the use of ...

ics-cert.us-cert.gov/advisories/ICSA-13-213-04AAdvisory (ICSA-13-213-04A) MatrikonOPC SCADA DNP3 Master Station Improper Input Validation Original release date: August 29, 2013 | Last revised: ...

ics-cert.us-cert.gov/advisories/ICSA-13-252-01Advisory (ICSA-13-252-01) SUBNET Solutions Inc. SubSTATION Server DNP3 Outstation Improper Input Validation Original release date: September 09, 2013 ...

ics-cert.us-cert.gov/advisories/ICSA-13-161-01Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper input validation in IOServer’s DNP3 driver software.

ics-cert.us-cert.gov/advisories/ICSA-13-282-01AOVERVIEW. This updated advisory is a follow-up to the original advisory titled ICSA-13-282-01, Alstom e”‘terracontrol DNP3 Master Improper Input ...

ics-cert.us-cert.gov/advisories/ICSA-14-287-01Advisory (ICSA-14-287-01) GE Proficy HMI/SCADA DNP3 Driver Input Validation Original release date: January 13, 2015

ics-cert.us-cert.gov/advisories/ICSA-13-346-02Advisory (ICSA-13-346-02) Cooper Power Systems Cybectec DNP3 Master OPC Server Improper Input Validation Original release date: December 12, 2013 | ...

ics-cert.us-cert.gov/advisories/ICSA-14-303-02Advisory (ICSA-14-303-02) Elipse SCADA DNP3 Denial of Service Original release date: December 02, 2014

ics-cert.us-cert.gov/advisories/ICSA-13-219-01Advisory (ICSA-13-219-01) ... · Block DNP3 traffic from traversing onto business or corporate networks through the use of an IPS or firewall with DPN3 ...

ics-cert.us-cert.gov/advisories/ICSA-14-014-01Advisory (ICSA-14-014-01) ... Monitor DNP3 traffic and system Event Journal to detect excessive amounts of traffic/logging that may be representative ...

ics-cert.us-cert.gov/advisories/ICSA-14-154-01Advisory (ICSA-14-154-01) COPA-DATA Improper Input Validation Original release date: June 03, 2014. Print Document. Tweet. ... zenon DNP3 Process ...

ics-cert.us-cert.gov/advisories/ICSA-13-240-01Advisory (ICSA-13-240-01) Triangle MicroWorks Improper Input Validation Original release date: ... DNP3 ANSI C source code libraries, v3.06.0000 ...

ics-cert.us-cert.gov/ics-archiveICSA-14-287-01: GE Proficy HMI/SCADA DNP3 Driver Input Validation; ... Follow ICS-CERT on Twitter. Follow ICS-CERT on Twitter; Mailing Lists and ...

Testimonials

Contact Us

Contact us via phone (+1 866-383-1657) or leave a detailed message below for sales, support, or any other needs