FreyrSCADA/IEC-60870-5-104 Denial of Service

HIGH (7.5) No Patch
cwe-119aenrichdenial-of-servicefreyrscadaiece608705104industrial-automationserver

Threat Intelligence

Low Risk
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

FreyrSCADA/IEC-60870-5-104 is a server software used for industrial automation and control systems. It allows remote access to IEC 60870-5-104, a protocol for exchanging data between energy management systems. However, this vulnerability enables attackers to cause a denial of service by sending specific message sequences, which can lead to system crashes or downtime.

Am I affected?

You're affected if you use FreyrSCADA/IEC-60870-5-104 server version 21.06.008. If you don't recognize the name "FreyrSCADA" as a software used in industrial automation, you're probably not affected. Check with your IT department or system administrator to confirm.

Affected Products

FreyrSCADA / IEC-60870-5-104 Server

How to fix

To fix this vulnerability, upgrade to FreyrSCADA/IEC-60870-5-104 server version 21.06.009 or later. If an immediate patch isn't possible:

  1. Restrict network access to the IEC-60870-5-104 instance (firewall it from the public internet).
  2. Audit system logs for suspicious message sequences.
  3. Monitor system activity for signs of denial-of-service attacks.

References