CVE-2013-0689

Enea Ose < 1.20 - Code Injection

Title source: rule
STIX 2.1

Description

The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors.

References (1)

Core 1
Core References
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01

Scores

EPSS 0.0504
EPSS Percentile 91.2%

Details

CWE
CWE-94
Status published
Products (4)
emerson/dl_8000_remote_terminal_unit
emerson/roc_800_remote_terminal_unit
emerson/roc_800l_remote_terminal_unit
enea/ose < 1.20
Published Oct 03, 2013
Tracked Since Feb 18, 2026