CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
64.5%
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by leveraging knowledge of the ROM contents from a product installation elsewhere.
Vendor | Product | Version | CPE |
---|---|---|---|
enea | ose | * | cpe:2.3:o:enea:ose:*:*:*:*:*:*:*:* |
emerson | dl_8000_remote_terminal_unit | - | cpe:2.3:h:emerson:dl_8000_remote_terminal_unit:-:*:*:*:*:*:*:* |
emerson | roc_800l_remote_terminal_unit | - | cpe:2.3:h:emerson:roc_800l_remote_terminal_unit:-:*:*:*:*:*:*:* |
emerson | roc_800_remote_terminal_unit | - | cpe:2.3:h:emerson:roc_800_remote_terminal_unit:-:*:*:*:*:*:*:* |