CVE-2013-0689 — HIGH (10.0)

Q: How severe is CVE-2013-0689?

CVE-2013-0689 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-0689?

Check the references section above for vendor advisories and patch information. Affected products include: Enea Ose, Emerson Roc 800L Remote Terminal Unit, Emerson Roc 800 Remote Terminal Unit, Emerson Dl 8000 Remote Terminal Unit.

Vulnerability Description

The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Enea	Ose	<= 1.20
Emerson	Roc 800L Remote Terminal Unit	-
Emerson	Roc 800 Remote Terminal Unit	-
Emerson	Dl 8000 Remote Terminal Unit	-

Related Weaknesses (CWE)

CWE-94

References

http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01US Government Resource

FAQ

What is CVE-2013-0689?

CVE-2013-0689 is a vulnerability with a CVSS score of 10.0 (HIGH). The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote att...

How severe is CVE-2013-0689?

CVE-2013-0689 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-0689?

Check the references section above for vendor advisories and patch information. Affected products include: Enea Ose, Emerson Roc 800L Remote Terminal Unit, Emerson Roc 800 Remote Terminal Unit, Emerson Dl 8000 Remote Terminal Unit.