Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
| Vendor | Product | Versions |
|---|---|---|
| Red Lion Controls | ST | IPm-8460 — 6.0.202 |
| Red Lion Controls | ST | IPm-6350 — 4.9.114 |
| Red Lion Controls | VT | mIPm-135-D — 4.9.114 |
| Red Lion Controls | VT | mIPm-245-D — 4.9.114 |
| Red Lion Controls | VT | IPm2m-213-D — 4.9.114 |
| Red Lion Controls | VT | IPm2m-113-D — 4.9.114 |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.