Aggregates CVE and security vulnerability intelligence across all alstom-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation and vendor risk denial of service, with potential vendor impact unexpected behavior across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-2818 | The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service (infinite loop and DNP3 service disruption) via crafted input over a serial line. | [email protected] | 4.7 | 0.36% | 2013-12-01 | 2026-04-29 |
| CVE-2013-2787 | Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets. | [email protected] | 7.8 | 1.47% | 2013-10-13 | 2026-04-29 |
| CVE-2013-2786 | Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file. | [email protected] | 6.6 | 0.29% | 2013-07-10 | 2026-04-29 |