Lucene search
IcscertCVE-2023-35762HistoryNov 20, 2023 - 5:15 p.m.
CVE-2023-35762
2023-11-2017:15:13
CWE-78
icscert
web.nvd.nist.gov
20
inea me rtu
firmware
vulnerability
os command injection
remote code execution
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
56.1%
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.
Affected configurations
Node
ineame_rtuMatch-
ineame_rtu_firmwareRange<3.37
| Vendor | Product | Version | CPE |
|---|---|---|---|
| inea | me_rtu | - | cpe:2.3:h:inea:me_rtu:-:*:*:*:*:*:*:* |
| inea | me_rtu_firmware | * | cpe:2.3:o:inea:me_rtu_firmware:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ME RTU",
"vendor": "INEA",
"versions": [
{
"lessThanOrEqual": "3.36b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nessus
nessus
Mitsubishi INEA ME RTU OS Command Injection (CVE-2023-35762)
2023-11-29 00:00:00
vulnrichment
vulnrichment
CVE-2023-35762 OS Command Injection in INEA ME RTU
2023-11-20 16:25:56
cvelist
cvelist
CVE-2023-35762 OS Command Injection in INEA ME RTU
2023-11-20 16:25:56
nvd
nvd
CVE-2023-35762
2023-11-20 17:15:13
prion
prion
Command injection
2023-11-20 17:15:00
ics
ics
INEA ME RTU
2023-10-31 12:00:00
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
56.1%
Related for CVE-2023-35762