Critical Vulnerabilities in Red Lion Sixnet and VersaTRAK RTUs
Summary
Hide ▲
Show ▼
Two critical vulnerabilities (CVE-2023-40151 and CVE-2023-42770) in Red Lion Sixnet and VersaTRAK remote terminal units (RTUs) could allow unauthenticated attackers to execute commands with root privileges. These RTUs are widely used in industrial automation and control systems across various sectors, including energy, water, and manufacturing. The vulnerabilities stem from authentication bypass and remote code execution flaws in the Sixnet Universal Driver. The affected products include several models with specific firmware versions, and users are advised to apply patches and enable user authentication to mitigate the risks.
Timeline
-
15.10.2025 09:50 1 articles · 23h ago
Critical Vulnerabilities in Red Lion Sixnet and VersaTRAK RTUs Disclosed
Two critical vulnerabilities (CVE-2023-40151 and CVE-2023-42770) in Red Lion Sixnet and VersaTRAK RTUs were disclosed. These vulnerabilities allow unauthenticated attackers to execute commands with root privileges. The affected products include several models with specific firmware versions, and users are advised to apply patches and enable user authentication to mitigate the risks. The vulnerabilities stem from authentication bypass and remote code execution flaws in the Sixnet Universal Driver.
Show sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50
Information Snippets
-
The vulnerabilities affect Red Lion SixTRAK and VersaTRAK RTUs, which are used in industrial automation and control systems across multiple sectors.
First reported: 15.10.2025 09:501 source, 1 articleShow sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50
-
CVE-2023-42770 is an authentication bypass vulnerability that occurs due to the Sixnet RTU software listening on the same port for UDP and TCP, accepting messages over TCP without authentication.
First reported: 15.10.2025 09:501 source, 1 articleShow sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50
-
CVE-2023-40151 is a remote code execution vulnerability that exploits the Sixnet Universal Driver's support for Linux shell command execution to run arbitrary code with root privileges.
First reported: 15.10.2025 09:501 source, 1 articleShow sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50
-
The affected RTUs include ST-IPm-8460, ST-IPm-6350, VT-mIPm-135-D, VT-mIPm-245-D, VT-IPm2m-213-D, and VT-IPm2m-113-D with specific firmware versions.
First reported: 15.10.2025 09:501 source, 1 articleShow sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50
-
Users are advised to apply patches and enable user authentication to mitigate the risks associated with these vulnerabilities.
First reported: 15.10.2025 09:501 source, 1 articleShow sources
- Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control — thehackernews.com — 15.10.2025 09:50