CVE-2023-29155
CVSS V2 None
CVSS V3 None
Description
Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the "root" account on the host system of the device. This could allow an attacker to obtain admin-level access to the host system.
Overview
- CVE ID
- CVE-2023-29155
- Assigner
- icscert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-20T16:28:20.585Z
- Last Modified Date
- 2023-11-20T16:28:20.585Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-02 | government-resource |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-29155 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29155 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 04:24:19 | Added to TrackCVE |