Roaring Access: Exploiting a Pre-Auth Root RCE on Sixnet RTUs

Team82 discloses two critical vulnerabilities (CVE-2023-42770) in Red Lion Sixnet RTUs (SixTRAK and VersaTRAK) where the Sixnet Universal protocol's TCP handling bypasses UDP-based authentication on port 1594, allowing unauthenticated remote execution of shell commands as root; Red Lion and CISA have published advisories and patches, and organizations are urged to apply updates and block TCP access.