CVE-2023-35762
published 2023-11-20

CVE-2023-35762: Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.

Priority: P269 · Severity: critical · CVSS 3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.70% (74.3th percentile)

Affected

2 ranges

Vendor  Product          Version range  Fixed in
inea    me_rtu           <= 3.36b
inea    me_rtu_firmware  < 3.37         3.37

Detection & IOCs (extracted from sources)

  • Target device: INEA ME RTU firmware versions 3.36b and prior are vulnerable to OS command injection (CVE-2023-35762), exploitable remotely with low complexity and low privileges required.
  • A companion vulnerability (CVE-2023-29155) on the same device allows unauthenticated access to the 'root' account, which can be chained with CVE-2023-35762 to achieve full admin-level RCE without any credentials.
  • CVSS v3 score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) — network-reachable INEA ME RTU devices should be treated as high-priority detection targets; monitor for unexpected outbound connections or command execution from RTU host processes.
  • Critical infrastructure sectors (Energy, Water and Wastewater, Transportation) are the primary deployment environments; prioritize detection and network segmentation monitoring for INEA ME RTU devices in these sectors.
  • No public exploitation has been reported to CISA at time of advisory publication; no proof-of-concept or exploit code IOCs are available from these sources.
  • The advisory covers two CVEs on the same product/firmware line; CVE-2023-29155 (missing authentication for root) is a distinct but closely related vulnerability that should be assessed alongside CVE-2023-35762 when evaluating exposure.