Vulnerabilities > Emerson > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-19 | CVE-2022-2789 | Insufficient Verification of Data Authenticity vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic. | 5.5 |
| 2022-08-19 | CVE-2022-2790 | Improper Verification of Cryptographic Signature vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). | 5.9 |
| 2022-08-16 | CVE-2022-29959 | Insufficiently Protected Credentials vulnerability in Emerson Openbsi 5.9 Emerson OpenBSI through 2022-04-29 mishandles credential storage. | 5.5 |
| 2022-07-26 | CVE-2022-29960 | Use of Hard-coded Credentials vulnerability in Emerson Openbsi 5.9 Emerson OpenBSI through 2022-04-29 uses weak cryptography. | 5.5 |
| 2022-07-26 | CVE-2022-29962 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-26 | CVE-2022-29963 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-26 | CVE-2022-29964 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-26 | CVE-2022-29965 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-05-19 | CVE-2020-16235 | Inadequate Encryption Strength vulnerability in Emerson Openenterprise Scada Server Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained. | 6.5 |
| 2022-02-24 | CVE-2020-10632 | Unspecified vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3 Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner. | 5.3 |