Vulnerabilities > CVE-2023-43609 - Unspecified vulnerability in Emerson products

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

emerson

critical

NVD

Published: 2024-02-09

Updated: 2024-02-15

Summary

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition.

Vulnerable Configurations

Part	Description	Count
OS	Emerson Emerson Gc370Xa Firmware 4.1.5 Emerson Gc700Xa Firmware 4.1.5 Emerson Gc1500Xa Firmware 4.1.5	3
Hardware	Emerson Emerson Gc370Xa - Emerson Gc700Xa - Emerson Gc1500Xa -	3

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01
https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf