Lucene search

[email protected]NVD:CVE-2013-0694

HistoryOct 03, 2013 - 11:04 a.m.

CVE-2013-0694

2013-10-0311:04:37

CWE-255

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by leveraging knowledge of the ROM contents from a product installation elsewhere.

Affected configurations

NVD

Node

eneaoseRange≤2.30

AND

emersondl_8000_remote_terminal_unitMatch-

Node

eneaoseRange≤1.20

AND

emersonroc_800l_remote_terminal_unitMatch-

Node

eneaoseRange≤3.50

AND

emersonroc_800_remote_terminal_unitMatch-

References

ics-cert.us-cert.gov/advisories/ICSA-13-259-01

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for NVD:CVE-2013-0694

cve1 prion1 nessus2 cvelist1 ics2