Lucene search
IcscertCVELIST:CVE-2023-2131HistoryApr 20, 2023 - 8:40 p.m.
CVE-2023-2131 CVE-2023-2131
2023-04-2020:40:57
icscert
www.cve.org
cve-2023-2131
inea me rtu
firmware
command injection
remote execution
arbitrary code
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
62.2%
Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code.
CNA Affected
[
{
"vendor": "INEA",
"product": "ME RTU",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "3.36",
"versionType": "custom"
}
]
}
]Related
nessus
nessus
nvd
nvd
CVE-2023-2131
2023-04-20 21:15:08
ics
ics
INEA ME RTU
2023-04-20 12:00:00
cve
cve
CVE-2023-2131
2023-04-20 21:15:08
thn
thn
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units
2023-05-03 05:07:00
prion
prion
Command injection
2023-04-20 21:15:00
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
62.2%
Related for CVELIST:CVE-2023-2131