OTPulse
FeedAboutContact

Top Server OPC Improper Input Validation Vulnerability

Low RiskICS-CERT ICSA-13-234-02May 25, 2013
Summary

The DNP Master Driver component in TOP Server OPC version 5.11.250.0 and earlier does not properly validate input, which could allow remote exploitation. The driver fails to sanitize network input before processing, potentially leading to denial of service or unexpected application behavior.

What this means
What could happen
An attacker with network access to the OPC server could send malformed input to the DNP Master Driver, potentially causing the server to crash or malfunction. This could interrupt data exchange with connected SCADA systems, RTUs, or other industrial devices.
Who's at risk
Water utilities, electric cooperatives, and other facilities using TOP Server OPC for SCADA integration with DNP3-based RTUs or master stations. This affects any operator using the legacy TOP Server software with DNP Master Driver components version 5.11.250.0 or earlier.
How it could be exploited
An attacker sends crafted network packets to the DNP Master Driver listening on the OPC server. The driver fails to validate the input properly, triggering a crash or unexpected behavior that disrupts communication with field devices.
Prerequisites
  • Network access to the TOP Server OPC Server port (typically 135 for OPC or DNP-specific ports)
  • The DNP Master Driver component must be active and listening for connections
no patch availableremotely exploitableaffects operational data exchangelegacy/unsupported software
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
ProductAffected VersionsFix Status
DNP Master Driver for the TOP Server OPC Server: <=5.11.250.0≤ 5.11.250.0No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/3
HARDENINGImplement network segmentation and firewall rules to restrict access to the OPC server to only authorized engineering workstations and SCADA systems
HARDENINGMonitor network traffic to the OPC server for suspicious or malformed packets targeting the DNP Master Driver
WORKAROUNDDisable the DNP Master Driver if it is not actively used in your process
Mitigations - no patch available
0/1
DNP Master Driver for the TOP Server OPC Server: <=5.11.250.0 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGEvaluate upgrade options or replacement of the TOP Server to a supported version with input validation fixes
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/c13f6b99-f08d-4331-a793-e697a7356878
Top Server OPC Improper Input Validation Vulnerability - OTPulse