Vulnerabilities > Emerson
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-19 | CVE-2022-2793 | Insufficient Verification of Data Authenticity vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. | 7.8 |
2022-08-19 | CVE-2022-2788 | Path Traversal vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. | 7.3 |
2022-08-17 | CVE-2022-30262 | Insufficient Verification of Data Authenticity vulnerability in Emerson products The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. | 7.8 |
2022-08-16 | CVE-2022-29959 | Insufficiently Protected Credentials vulnerability in Emerson Openbsi 5.9 Emerson OpenBSI through 2022-04-29 mishandles credential storage. | 5.5 |
2022-08-16 | CVE-2022-30264 | Insufficient Verification of Data Authenticity vulnerability in Emerson products The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. | 9.8 |
2022-07-26 | CVE-2022-29957 | Missing Authentication for Critical Function vulnerability in Emerson Deltav Distributed Control System The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. | 7.8 |
2022-07-26 | CVE-2022-29960 | Use of Hard-coded Credentials vulnerability in Emerson Openbsi 5.9 Emerson OpenBSI through 2022-04-29 uses weak cryptography. | 5.5 |
2022-07-26 | CVE-2022-29962 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
2022-07-26 | CVE-2022-29963 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
2022-07-26 | CVE-2022-29964 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |