Filtered by vendor Redlioncontrols Subscriptions
Filtered by product St-ipm-6350 Firmware Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-42770 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-11-21 10 Critical
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
CVE-2023-40151 1 Redlioncontrols 12 St-ipm-6350, St-ipm-6350 Firmware, St-ipm-8460 and 9 more 2024-11-21 10 Critical
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.