24 matches found
EUVD-2013-0703
Malware in sbrugna...
EUVD-2013-2749
Malware in sbrugna...
EUVD-2013-0705
Malware in sbrugna...
多款Emerson产品数据伪造问题漏洞
Emerson ROC800 and others are products of Emerson Corporation, U.S.A. Emerson ROC800 is a series of remote operation controllers.Emerson ROC800L is a series of remote operation controllers.Emerson DL8000 is a series of electronic preset controllers. A security vulnerability exists in the Emerson...
Emerson ROC800, ROC800L and DL8000
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: High attack complexity Vendor: Emerson Equipment: ROC800, ROC800L and DL8000 Vulnerability: Insufficient Verification of Data Authenticity CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational...
CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report
CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...
Emerson DL Command Injection (CVE-2013-2810)
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack. This plugin only works with Tenable.ot. Please visit...
Emerson OSE Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-0693)
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
Emerson OSE Code Injection (CVE-2013-0689)
The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. This plug...
Emerson DL8000 PLC Detection
Binary data 762336.prm...
CVE-2013-2810
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack...
Code injection
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack...
CVE-2013-2810
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack...
CVE-2013-2810
CVE-2013-2810 affects Emerson Process Management ROC800 RTU family (ROC800/ROC800L/DL8000) with affected software versions (ROC800 3.50 and earlier, DL8000 2.30 and earlier, ROC800L 1.20 and earlier). The vulnerability is a remote command execution via a TCP replay attack, i.e., authentication by...
CVE-2013-0689
The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors...
CVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
Code injection
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...
Hardcoded credentials
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
CVE-2013-0693
CVE-2013-0693 affects ENEA OSE on ROC800 RTUs (ROC800, ROC800L, DL8000) with ROM/kernel versions 3.50/2.30/1.20 and earlier. The issue is a network beacon broadcast by the ROC800 kernel, allowing remote attackers to discover device presence and potentially sensitive information by listening to br...
CVE-2013-0694
CVE-2013-0694 concerns hardcoded credentials in ROMs of Emerson ROC800 RTU family: ROC800 (v3.50 and earlier), DL8000 (v2.30 and earlier), and ROC800L (v1.20 and earlier). The underlying flaw enables remote attackers to obtain a shell on the OS by exploiting ROM contents known from a device insta...