CVE-2013-0694

Name of the Vulnerable Software and Affected Versions Emerson Process Management ROC800 RTU versions 3.50 and earlier Emerson Process Management DL8000 RTU versions 2.30 and earlier Emerson Process Management ROC800L RTU versions 1.20 and earlier

Description The issue allows remote attackers to obtain shell access to the underlying OS by leveraging knowledge of the ROM contents from a product installation elsewhere, due to hardcoded credentials in a ROM.

Recommendations For Emerson Process Management ROC800 RTU versions 3.50 and earlier, consider changing the hardcoded credentials to unique, secure credentials. For Emerson Process Management DL8000 RTU versions 2.30 and earlier, consider changing the hardcoded credentials to unique, secure credentials. For Emerson Process Management ROC800L RTU versions 1.20 and earlier, consider changing the hardcoded credentials to unique, secure credentials.