CVE-2023-2131
published 2023-04-20

CVE-2023-2131: Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code.

Priority P269, critical, 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.73% (74.7th percentile)

Affected

2 ranges
Vendor | Product | Version range | Fixed in
inea | me_rtu | < 3.36 | 3.36
inea | me_rtu_firmware | < 3.36 | 3.36

Detection & IOCs (extracted from sources)

  • Vulnerability class is OS Command Injection (CWE-78) in INEA ME RTU firmware; detection should focus on anomalous command execution originating from the RTU web/network interface
  • The vulnerability is network-exploitable with no authentication and no user interaction required (CVSS AV:N/AC:L/PR:N/UI:N), so monitor for unauthenticated remote connections to INEA ME RTU devices
  • Prioritize detection for INEA ME RTU devices running firmware versions prior to 3.36 exposed on OT/ICS networks, particularly in Energy, Water/Wastewater, and Transportation sectors
  • No known public exploits exist for this vulnerability at time of advisory publication, limiting signature-based detection options
  • Affected version scope is all INEA ME RTU firmware prior to 3.36; version fingerprinting of deployed RTUs is necessary to assess exposure