Vulnerabilities > CVE-2022-2789 - Unspecified vulnerability in Emerson Electric'S Proficy

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

emerson

NVD

Published: 2022-08-19

Updated: 2024-11-21

Summary

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic.

Vulnerable Configurations

Part	Description	Count
Application	Emerson Emerson Electric'S Proficy *	1

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06