Lucene search
HistoryNov 20, 2023 - 5:15 p.m.
CVE-2023-35762
inea me rtu
firmware
vulnerability
os command injection
remote code execution
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.2%
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.
Affected configurations
Node
ineame_rtuMatch-
ineame_rtu_firmwareRange<3.37
| CPE | Name | Operator | Version |
|---|---|---|---|
| inea:me_rtu_firmware | inea me rtu firmware | lt | 3.37 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ME RTU",
"vendor": "INEA",
"versions": [
{
"lessThanOrEqual": "3.36b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nessus
nessus
Mitsubishi INEA ME RTU OS Command Injection (CVE-2023-35762)
2023-11-29 00:00:00
prion
prion
Command injection
2023-11-20 17:15:00
cvelist
cvelist
CVE-2023-35762 OS Command Injection in INEA ME RTU
2023-11-20 16:25:56
nvd
nvd
CVE-2023-35762
2023-11-20 17:15:13
ics
ics
INEA ME RTU
2023-10-31 12:00:00
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.2%
Related for CVE-2023-35762