PT-2013-2536 · Enea+1 · Enea Ose+2
Published
2013-10-03
·
Updated
2013-10-03
·
CVE-2013-0693
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Emerson Process Management ROC800 RTU versions 3.50 and earlier
Emerson Process Management DL8000 RTU versions 2.30 and earlier
Emerson Process Management ROC800L RTU versions 1.20 and earlier
Description
The issue allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic, as the kernel in ENEA OSE performs network-beacon broadcasts.
Recommendations
For Emerson Process Management ROC800 RTU versions 3.50 and earlier, consider disabling network-beacon broadcasts until a patch is available.
For Emerson Process Management DL8000 RTU versions 2.30 and earlier, consider disabling network-beacon broadcasts until a patch is available.
For Emerson Process Management ROC800L RTU versions 1.20 and earlier, consider disabling network-beacon broadcasts until a patch is available.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dl8000 Rtu
Enea Ose
Roc800L Rtu