12 matches found
EUVD-2023-44758
Malicious code in bioql PyPI...
CVE-2023-42770
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
CVE-2023-42770
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
Authentication flaw
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
CVE-2023-40151
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
Authentication flaw
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
CVE-2023-42770
CVE-2023-42770 affects Red Lion SixTRAK and VersaTRAK RTUs. An authentication bypass occurs because Sixnet UDR messages on UDP/TCP are treated differently: UDP prompts for authentication, while TCP accepts without challenge. This enables an attacker to bypass authentication and, in conjunction wi...
CVE-2023-40151 Red Lion Controls Sixnet RTU Exposed Dangerous Method Or Function
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
CVE-2023-40151
CVE-2023-40151 affects Red Lion SixTRAK and VersaTRAK RTUs. Two flaws enable: (1) CVE-2023-42770 authentication bypass where UDP requires auth but TCP messages are accepted without challenge; (2) CVE-2023-40151 remote code execution via Sixnet UDR shell command execution, allowing root privileges...
Red Lion Controls SixTRAK and VersaTRAK Access Control Error Vulnerability
Red Lion Controls SixTRAK and Red Lion Controls VersaTRAK are the ultimate process controllers with open LINUX software capabilities from Red Lion Controls, Inc. A security vulnerability exists in the Red Lion Controls SixTRAK and VersaTRAK Series RTUs that originated to allow an attacker to bypa...
Red Lion Controls SixTRAK and VersaTRAK Security Vulnerabilities
Red Lion Controls SixTRAK and Red Lion Controls VersaTRAK are the ultimate process controllers with open LINUX software capabilities from Red Lion Controls, Inc. A security vulnerability exists in the Red Lion Controls SixTRAK and VersaTRAK Series RTUs that originated from allowing an...
PT-2023-7324 · Red Lion · Red Lion Versatrak +1
Name of the Vulnerable Software and Affected Versions: Red Lion SixTRAK and VersaTRAK Series RTUs (affected versions not specified). Description: The issue is related to the authentication function in Red Lion SixTRAK and VersaTRAK Series RTUs. When authenticated users are enabled, any Sixnet UDR...