CVE-2013-2810

Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:emerson:dl_8000_remote_terminal_unit_firmware:2.30:*:*:*:*:*:*:*
cpe:2.3:h:emerson:dl_8000_remote_terminal_unit:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:emerson:roc_800l_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:roc_800l_remote_terminal_unit:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:emerson:roc_800_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:emerson:roc_800_remote_terminal_unit:-:*:*:*:*:*:*:*

History

21 Nov 2024, 01:52

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/71425 - () http://www.securityfocus.com/bid/71425 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/99131 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/99131 -
References () https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A - Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A - Third Party Advisory, US Government Resource

Information

Published : 2014-12-08 11:59

Updated : 2024-11-21 01:52


NVD link : CVE-2013-2810

Mitre link : CVE-2013-2810

CVE.ORG link : CVE-2013-2810


JSON object : View

Products Affected

emerson

  • roc_800l_remote_terminal_unit_firmware
  • dl_8000_remote_terminal_unit
  • roc_800l_remote_terminal_unit
  • dl_8000_remote_terminal_unit_firmware
  • roc_800_remote_terminal_unit_firmware
  • roc_800_remote_terminal_unit
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')