Vulnerabilities (CVE)

Filtered by vendor Redlioncontrols Subscribe
Filtered by product Vt-ipm2m-113-d
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40151 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-02-28 N/A 9.8 CRITICAL
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.
CVE-2023-42770 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-02-28 N/A 9.8 CRITICAL
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.