← Back to home
ICSA-22-321-01  ·  Published 2022-11-17  ·  View on CISA ICS-CERT ↗

Red Lion Crimson

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to obtain user credential hashes.

CVEs (1)

Remediations

  • Crimson 3.0: Version 711.00
  • Crimson 3.1: Version 3126.02
  • Crimson 3.2: Version 3.0045
  • Users should avoid opening files originating from outside the organization.
  • Users should verify files come from a trusted source prior to opening.
  • For more information and details, see Red Lion Security Bulletin RLCSB-2022ST31.

Affected Vendors

Red Lion, AutomationDirect

Affected Products (3)

Red Lion, AutomationDirect · Crimson 3.0 <= 707.000
Red Lion, AutomationDirect · Crimson 3.1 <= 3126.001
Red Lion, AutomationDirect · Crimson 3.2 <= 3.2.0044.0

Affected Sectors

Multiple Sectors

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more