CVE-2023-35762

Summary

Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.

Affected Software

VendorProductVersion RangeStatus
INEAME RTU0 <= 3.36baffected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References