PT-2022-3174 · Emerson · Emerson ROC +1
Daniel Dos Santos +1 · Published 2022-06-22 · Updated 2022-08-17 · CVE-2022-30264
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Emerson ROC and FloBoss RTU product lines through 2022-05-02
Description
The issue is related to insecure filesystem operations in the Emerson ROC and FloBoss RTU product lines. These products use the ROC protocol for communications between a master terminal and RTUs, specifically via ports 4000/TCP and 5000/TCP. The protocol's Opcode 203 allows a master terminal to perform arbitrary file and directory read, write, and delete operations on the flash filesystem. This could potentially allow a remote attacker to execute arbitrary code due to insecure privilege management.
Recommendations
For Emerson ROC and FloBoss RTU product lines through 2022-05-02, consider disabling the use of Opcode 203 in the ROC protocol until a secure update is available. Restrict access to the flash filesystem to minimize the risk of exploitation. Avoid using the ROC protocol for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Insufficient Verification of Data Authenticity
Related Identifiers
Affected Products
Emerson ROC
FloBoss RTU