CVE-2018-10605

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
martemtelem-gw6_firmware
𝑥
< 2.0.87-4018403-k4
martemtelem-gwm_firmware
𝑥
< 2.0.87-4018403-k4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-142-01
https://martem.eu/csa/Martem_CSA_Telem_1805183.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-18-142-01
https://martem.eu/csa/Martem_CSA_Telem_1805183.pdf