Vulnerabilities > CVE-2022-2792 - Unspecified vulnerability in Emerson Electric'S Proficy

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

emerson

NVD

Published: 2022-08-19

Updated: 2023-06-28

Summary

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists.

Vulnerable Configurations

Part	Description	Count
Application	Emerson Emerson Electric'S Proficy *	1

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06