15 matches found
EUVD-2013-0703
Malware in sbrugna...
CVE-2013-0692
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...
CVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
Enea Ose Unspecified Vulnerability
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
Enea Ose Improper Control of Generation of Code ('Code Injection')
The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. File data...
Enea Ose Unspecified Vulnerability
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. File data ot500236.na...
Enea Ose Exposure of Sensitive Information to an Unauthorized Actor
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
CVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
Code injection
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...
Code injection
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
CVE-2013-0693
CVE-2013-0693 affects ENEA OSE on ROC800 RTUs (ROC800, ROC800L, DL8000) with ROM/kernel versions 3.50/2.30/1.20 and earlier. The issue is a network beacon broadcast by the ROC800 kernel, allowing remote attackers to discover device presence and potentially sensitive information by listening to br...
CVE-2013-0692
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...
CVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
CVE-2013-0692
CVE-2013-0692 affects Emerson ROC800 RTUs running ENEA OSE (ROC800, ROC800L, DL8000) with affected software revisions (ROC800 3.50 or earlier, DL8000 2.30 or earlier, ROC800L 1.20 or earlier). The vulnerability allows remote code execution by connecting to the device’s debug service via the ENEA ...
Emerson ROC800 Multiple Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-259-01A Emerson ROC800 Multiple Vulnerabilities that was published December 2, 2014, on the NCCIC/ICS‑CERT web site. This advisory provides mitigation details for multiple vulnerabilities affecting the Emerson...