Vulnerabilities (CVE)

Filtered by vendor Redlioncontrols Subscribe
Filtered by product St-ipm-6350 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-42770 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-11-21 N/A 10.0 CRITICAL
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
CVE-2023-40151 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-11-21 N/A 10.0 CRITICAL
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.