When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-11-21T00:11:10.081Z

Updated: 2024-08-02T18:24:55.459Z

Reserved: 2023-09-18T22:41:48.086Z

Link: CVE-2023-40151

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-21T00:15:06.953

Modified: 2024-11-21T08:18:52.653

Link: CVE-2023-40151

cve-icon Redhat

No data.