CNNVD-202511-2290 Information

CNNVD ID

CNNVD-202511-2290

Related CVE

CVE-2025-13087

• CNNVD Published: 2025-11-20

Description (Chinese)

Opto 22 groov RIO是美国Opto 22公司的一个工业型远程I/O模块。 Opto 22 groov RIO存在操作系统命令注入漏洞，该漏洞源于不安全使用头部值构建命令，可能导致远程代码执行。

Description (English)

Opto 22 Groov RIO is an industrial long-range I/O module of Opto 22 in the United States. Opto 22 Groov RIO has an operational system command leak that results from unsafe use of head value construction commands, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

OPTO 22

Published

2025-11-20

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-324-03.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-03 https://www.opto22.com/support/resources-tools/knowledgebase/kb91326

Patch

https://www.opto22.com/support/resources-tools/knowledgebase/kb91326