CVE-2013-0689
Last modified
CVE-2013-0689 is a vulnerability of currently unknown severity. The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors.. EPSS estimates a 5.04% chance of exploitation in the next 30 days.
Description
The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Enea | Ose | <= 1.20 |
| Emerson | Roc 800l Remote Terminal Unit | All versions |
| Enea | Ose | <= 3.50 |
| Emerson | Roc 800 Remote Terminal Unit | All versions |
| Enea | Ose | <= 2.30 |
| Emerson | Dl 8000 Remote Terminal Unit | All versions |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01US Government Resource
- http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-0689?
How severe is CVE-2013-0689?
How do I fix CVE-2013-0689?
Are you affected by CVE-2013-0689?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST