When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP the RTU will simply accept the message with no authentication challenge.
| Vendor | Product | Versions |
|---|---|---|
| Red Lion Controls | ST | IPm-8460 — 6.0.202 |
| Red Lion Controls | ST | IPm-6350 — 4.9.114 |
| Red Lion Controls | VT | mIPm-135-D — 4.9.114 |
| Red Lion Controls | VT | mIPm-245-D — 4.9.114 |
| Red Lion Controls | VT | IPm2m-213-D — 4.9.114 |
| Red Lion Controls | VT | IPm2m-113-D — 4.9.114 |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.