Vulnerabilities > Emerson > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2020-10636 | Inadequate Encryption Strength vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3 Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained. | 7.5 |
| 2022-02-14 | CVE-2021-45421 | Information Exposure vulnerability in Emerson Dixell Xweb-500 Firmware Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. | 7.5 |
| 2022-01-28 | CVE-2021-44463 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started. | 7.3 |
| 2021-10-22 | CVE-2021-38485 | Unspecified vulnerability in Emerson products The affected product is vulnerable to improper input validation in the restore file. | 8.8 |
| 2021-10-22 | CVE-2021-42538 | Command Injection vulnerability in Emerson products The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. | 8.8 |
| 2021-10-22 | CVE-2021-42539 | Unspecified vulnerability in Emerson products The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. | 8.8 |
| 2021-10-22 | CVE-2021-42540 | Unspecified vulnerability in Emerson products The affected product is vulnerable to a unsanitized extract folder for system configuration. | 8.8 |
| 2021-10-22 | CVE-2021-42542 | Unspecified vulnerability in Emerson products The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. | 8.8 |
| 2021-05-20 | CVE-2021-27457 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Emerson products A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. | 7.5 |
| 2021-05-20 | CVE-2021-27461 | Unspecified vulnerability in Emerson products A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. | 7.5 |