Lucene search

[email protected]CVE-2013-0693

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0693

2022-10-0316:15:03

CWE-200

[email protected]

web.nvd.nist.gov

cve-2013-0693

enea ose

emerson process management

roc800

dl8000

roc800l

remote attack

network beacon

broadcasts

sensitive information

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic.

Affected configurations

NVD

Node

eneaoseRange≤1.20

AND

emersonroc_800l_remote_terminal_unitMatch-

Node

eneaoseRange≤2.30

AND

emersondl_8000_remote_terminal_unitMatch-

Node

eneaoseRange≤3.50

AND

emersonroc_800_remote_terminal_unitMatch-

CPENameOperatorVersion
enea:oseenea osele1.20
emerson:roc_800l_remote_terminal_unitemerson roc 800l remote terminal uniteq-

CPE	Name	Operator	Version
enea:ose	enea ose	le	1.20
emerson:roc_800l_remote_terminal_unit	emerson roc 800l remote terminal unit	eq	-

References

ics-cert.us-cert.gov/advisories/ICSA-13-259-01

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

Related for CVE-2013-0693

prion1 cvelist1 nvd1 nessus2 ics2