{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"}, {"name": "71425", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71425"}, {"name": "rtu-cve20142810-command-exec(99131)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2013-2810", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"}, {"name": "71425", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71425"}, {"name": "rtu-cve20142810-command-exec(99131)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:52:21.350Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"}, {"name": "71425", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71425"}, {"name": "rtu-cve20142810-command-exec(99131)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2013-2810", "datePublished": "2014-12-08T11:00:00", "dateReserved": "2013-04-11T00:00:00", "dateUpdated": "2024-08-06T15:52:21.350Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:dl_8000_remote_terminal_unit_firmware:2.30:*:*:*:*:*:*:*", "matchCriteriaId": "D6A1C577-7505-42FE-BDD1-174783E061DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:dl_8000_remote_terminal_unit:-:*:*:*:*:*:*:*", "matchCriteriaId": "E57C5C99-9480-4506-B8B4-A83485050B91", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:roc_800l_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BED9FC1-2E3E-4B22-A7E7-30C0DAEE803C", "versionEndIncluding": "1.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:roc_800l_remote_terminal_unit:-:*:*:*:*:*:*:*", "matchCriteriaId": "1935960D-E2BF-4348-AE45-29DDC1683C8D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:roc_800_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3FF7157-3679-40C3-BC80-1DCE0177865B", "versionEndIncluding": "3.50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:roc_800_remote_terminal_unit:-:*:*:*:*:*:*:*", "matchCriteriaId": "80C553AD-326E-4135-BA54-35830CD6B13C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack."}, {"lang": "es", "value": "Emerson Process Management ROC800 RTU con software 3.50 y anteriores, DL8000 RTU con software 2.30 y anteriores y ROC800L RTU con software 1.20 y anteriores permiten a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un ataque de reproducci\u00f3n de TCP."}], "id": "CVE-2013-2810", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-08T11:59:00.077", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "http://www.securityfocus.com/bid/71425"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/71425"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}