CVE-2023-2131:
First published: Thu Apr 20 2023(Updated: )
Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| INEA ME RTU firmware | <3.36 | |
| INEA ME RTU | ||
| INEA ME RTU: versions prior to 3.36 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-2131?
CVE-2023-2131 is a vulnerability in INEA ME RTU firmware versions prior to 3.36 that allows for OS command injection, potentially leading to remote code execution.
How severe is CVE-2023-2131?
CVE-2023-2131 has a severity rating of 9.8, which is classified as critical.
How does CVE-2023-2131 impact INEA ME RTU firmware?
CVE-2023-2131 allows an attacker to remotely execute arbitrary code by exploiting the OS command injection vulnerability present in INEA ME RTU firmware versions prior to 3.36.
Is INEA ME RTU firmware version 3.36 affected by CVE-2023-2131?
No, INEA ME RTU firmware version 3.36 is not affected by CVE-2023-2131.
How can I fix CVE-2023-2131 in INEA ME RTU firmware?
To fix CVE-2023-2131, you should update your INEA ME RTU firmware to version 3.36 or higher, which does not contain the OS command injection vulnerability.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/author
- agent/references
- agent/description
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/title
- agent/first-publish-date
- agent/event
- agent/tags
- agent/trending
- vendor/inea
- canonical/inea me rtu firmware
- canonical/inea me rtu
- canonical/inea me rtu: versions prior to 3.36