Authentication flaw

2023-11-2101:15:00

PRIOn knowledge base

www.prio-n.com

authentication flaw

red lion sixtrak

versatrak series rtus

udp/ip

tcp/ip

unchallenged messages

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.3%

JSON

Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.

CPENameOperatorVersion
st-ipm-6350_firmwareeq4.9.114
st-ipm-8460_firmwareeq6.0.202
vt-ipm2m-113-d_firmwareeq4.9.114
vt-ipm2m-213-d_firmwareeq4.9.114
vt-mipm-135-d_firmwareeq4.9.114
vt-mipm-245-d_firmwareeq4.9.114

Name	Operator	Version
st-ipm-6350_firmware	eq	4.9.114
st-ipm-8460_firmware	eq	6.0.202
vt-ipm2m-113-d_firmware	eq	4.9.114
vt-ipm2m-213-d_firmware	eq	4.9.114
vt-mipm-135-d_firmware	eq	4.9.114
vt-mipm-245-d_firmware	eq	4.9.114