CVE-2023-42770

Name of the Vulnerable Software and Affected Versions Red Lion SixTRAK and VersaTRAK Series RTUs (affected versions not specified)

Description The issue is related to the authentication function in Red Lion SixTRAK and VersaTRAK Series RTUs. When authenticated users are enabled, any Sixnet UDR message received over UDP/IP will meet an authentication challenge. However, the same message received over TCP/IP will be accepted without an authentication challenge, potentially allowing a remote attacker to execute arbitrary commands with administrative privileges.

Recommendations For Red Lion SixTRAK and VersaTRAK Series RTUs, consider disabling the UDR-A authentication feature until a patch is available to prevent exploitation. Restrict access to the RTUs over TCP/IP to minimize the risk of unauthorized command execution. As a temporary workaround, limit the use of Sixnet UDR messages over TCP/IP until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.