Lucene search
IcscertVULNRICHMENT:CVE-2023-35762HistoryNov 20, 2023 - 4:25 p.m.
CVE-2023-35762 OS Command Injection in INEA ME RTU
2023-11-2016:25:56
CWE-78
icscert
github.com
1
cve-2023-35762; os command injection; inea me rtu; firmware 3.36b; remote code execution
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.
ADP Affected
[
{
"cpes": [
"cpe:2.3:h:inea:me_rtu:-:*:*:*:*:*:*:*"
],
"vendor": "inea",
"product": "me_rtu",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.36b"
}
],
"defaultStatus": "unknown"
}
]Related
nessus
nessus
Mitsubishi INEA ME RTU OS Command Injection (CVE-2023-35762)
2023-11-29 00:00:00
cvelist
cvelist
CVE-2023-35762 OS Command Injection in INEA ME RTU
2023-11-20 16:25:56
nvd
nvd
CVE-2023-35762
2023-11-20 17:15:13
prion
prion
Command injection
2023-11-20 17:15:00
cve
cve
CVE-2023-35762
2023-11-20 17:15:13
ics
ics
INEA ME RTU
2023-10-31 12:00:00
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-35762