{"api_version":"1","generated_at":"2026-04-23T10:55:54+00:00","cve":"CVE-2013-2810","urls":{"html":"https://cve.report/CVE-2013-2810","api":"https://cve.report/api/cve/CVE-2013-2810.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-2810","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-2810"},"summary":{"title":"CVE-2013-2810","description":"Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack.","state":"PUBLIC","assigner":"ics-cert@hq.dhs.gov","published_at":"2014-12-08 11:59:00","updated_at":"2017-08-29 01:33:00"},"problem_types":["CWE-77"],"metrics":[],"references":[{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A","name":"https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A","refsource":"MISC","tags":["Third Party Advisory","US Government Resource"],"title":"Emerson ROC800 Multiple Vulnerabilities (Update B) | ICS-CERT","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/71425","name":"71425","refsource":"BID","tags":[],"title":"Multiple Emerson Process Management RTUs CVE-2013-2810 Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99131","name":"rtu-cve20142810-command-exec(99131)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-2810","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2810","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"dl_8000_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"dl_8000_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"emerson","cpe5":"dl_8000_remote_terminal_unit_firmware","cpe6":"2.30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"emerson","cpe5":"dl_8000_remote_terminal_unit_firmware","cpe6":"2.30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"roc_800l_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"roc_800l_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"1.20","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"emerson","cpe5":"roc_800l_remote_terminal_unit_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"roc_800_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"emerson","cpe5":"roc_800_remote_terminal_unit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"2810","vulnerable":"1","versionEndIncluding":"3.50","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"emerson","cpe5":"roc_800_remote_terminal_unit_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2013-2810","qid":"590584","title":"Emerson ROC800 (Update B) Multiple Vulnerabilities (ICSA-13-259-01B)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2013-2810","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSA-13-259-01A"},{"name":"71425","refsource":"BID","url":"http://www.securityfocus.com/bid/71425"},{"name":"rtu-cve20142810-command-exec(99131)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99131"}]}},"nvd":{"publishedDate":"2014-12-08 11:59:00","lastModifiedDate":"2017-08-29 01:33:00","problem_types":["CWE-77"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":10},"severity":"HIGH","exploitabilityScore":10,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:emerson:dl_8000_remote_terminal_unit_firmware:2.30:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:h:emerson:dl_8000_remote_terminal_unit:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:emerson:roc_800l_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.20","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:h:emerson:roc_800l_remote_terminal_unit:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:emerson:roc_800_remote_terminal_unit_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.50","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:h:emerson:roc_800_remote_terminal_unit:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"2810","Ordinal":"62454","Title":"CVE-2013-2810","CVE":"CVE-2013-2810","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"2810","Ordinal":"1","NoteData":"Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack.","Type":"Description","Title":null},{"CveYear":"2013","CveId":"2810","Ordinal":"2","NoteData":"2014-12-08","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"2810","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}