CVE-2023-42770
published 2023-11-21CVE-2023-42770: Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP…
PriorityP356critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.88%
54.5th percentile
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_lion_controls | st-ipm-6350 | — | — |
| red_lion_controls | st-ipm-8460 | — | — |
| red_lion_controls | vt-ipm2m-113-d | — | — |
| red_lion_controls | vt-ipm2m-213-d | — | — |
| red_lion_controls | vt-mipm-135-d | — | — |
| red_lion_controls | vt-mipm-245-d | — | — |
| redlioncontrols | st-ipm-6350_firmware | — | — |
| redlioncontrols | st-ipm-8460_firmware | — | — |
| redlioncontrols | vt-ipm2m-113-d_firmware | — | — |
| redlioncontrols | vt-ipm2m-213-d_firmware | — | — |
| redlioncontrols | vt-mipm-135-d_firmware | — | — |
| redlioncontrols | vt-mipm-245-d_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Red Lion Sixnet RTUs
cisa_ics·2023-11-16·CVSS 10.0
[CRITICAL] Red Lion Sixnet RTUs
ICS Advisory
##
Red Lion Sixnet RTUs
Release DateNovember 16, 2023
Alert CodeICSA-23-320-01
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Red Lion
- Equipment: Sixnet RTU
- Vulnerabilities: Authentication Bypass using an Alternative Path or Channel, Exposed Dangerous Method or Function
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to execute commands with high privileges.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Red Lion products are affected:
- ST-IPm-8460: Firmware 6.0.202 and later
- ST-IPm-6350: Firmware version 4.9.114 and later
- VT-mIPm-135-D: Firmware version 4.9.114 and later
- VT-mIPm-2
GHSA
GHSA-vwrm-49fw-hjgj: Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over
ghsa_unreviewed·2023-11-21
CVE-2023-42770 [CRITICAL] CWE-288 GHSA-vwrm-49fw-hjgj: Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Executionhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01https://https://support.redlion.net/hc/en-us/articles/19339209248269-RLCSIM-2023-05-Authentication-Bypass-and-Remote-Code-Executionhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01
2023-11-21
Published