Known Vulnerabilities for products from Emerson
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Emerson".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Emerson can be found at device.report : Emerson
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-1935 json | ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an attacker to gain unauthorized acce... | 9.4 - CRITICAL | 2023-08-02 | 2023-11-07 |
| CVE-2022-30264 json | The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC... | 9.8 - CRITICAL | 2022-08-16 | 2022-08-17 |
| CVE-2022-30262 json | The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP prot... | 7.8 - HIGH | 2022-08-17 | 2022-08-20 |
| CVE-2022-30260 json | Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum a... | 7.8 - HIGH | 2022-12-26 | 2023-01-05 |
| CVE-2022-29965 json | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to p... | 5.5 - MEDIUM | 2022-07-26 | 2023-01-24 |
| CVE-2022-29964 json | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH pr... | 5.5 - MEDIUM | 2022-07-26 | 2022-08-04 |
| CVE-2022-29963 json | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on p... | 5.5 - MEDIUM | 2022-07-26 | 2022-08-04 |
| CVE-2022-29962 json | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has har... | 5.5 - MEDIUM | 2022-07-26 | 2022-08-04 |
| CVE-2022-29960 json | Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol B... | 5.5 - MEDIUM | 2022-07-26 | 2022-08-16 |
| CVE-2022-29959 json | Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Br... | 5.5 - MEDIUM | 2022-08-16 | 2023-08-08 |
| CVE-2022-29957 json | The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprie... | 7.8 - HIGH | 2022-07-26 | 2023-01-24 |
| CVE-2022-2793 json | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Chec... | 7.8 - HIGH | 2022-08-19 | 2022-08-24 |
| CVE-2022-2792 json | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and store... | 7.5 - HIGH | 2022-08-19 | 2023-06-28 |
| CVE-2022-2791 json | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with D... | 7.8 - HIGH | 2022-11-22 | 2022-11-26 |
| CVE-2022-2790 json | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptogra... | 5.9 - MEDIUM | 2022-08-19 | 2022-08-24 |
| CVE-2022-2789 json | Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data ... | 5.5 - MEDIUM | 2022-08-19 | 2022-08-23 |
| CVE-2022-2788 json | Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', als... | 7.3 - HIGH | 2022-08-19 | 2023-06-28 |
| CVE-2021-45427 json | Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacke... | 9.8 - CRITICAL | 2021-12-30 | 2022-01-11 |
| CVE-2021-45421 json | ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing... | 7.5 - HIGH | 2022-02-14 | 2023-11-07 |
| CVE-2021-45420 json | ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-b... | 9.8 - CRITICAL | 2022-02-14 | 2023-11-07 |
Known software with vulnerabilities from Emerson
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Emerson | Ams Device Manager | 1.0 |
| Application | Emerson | Aperture Web Application Server | 4.0 |
| Application | Emerson | Aperture Web Services Server | 4.0 |
| Hardware | Emerson | Avocent Dsr1021 | - |
| Hardware | Emerson | Avocent Dsr1031 | - |
| Hardware | Emerson | Avocent Mpu108edac | - |
| Hardware | Emerson | Avocent Mpu4032 | - |
| Application | Emerson | Deltav | 10.3.1 |
| Application | Emerson | Deltav Proessentials Scientific Graph | 5.0.0.6 |
| Application | Emerson | Deltav Workstation | 10.3.1 |
| Hardware | Emerson | Dl 8000 Remote Terminal Unit | - |
| Hardware | Emerson | Gxt4-2000rt120 | - |
| Hardware | Emerson | Network Power Avocent Mergepoint Unity 2016 | - |
| Operating System | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 |
| Application | Emerson | Openenterprise Scada Server | 2.8.3 |
| Hardware | Emerson | Roc 800l Remote Terminal Unit | - |
| Hardware | Emerson | Roc 800 Remote Terminal Unit | - |
| Hardware | Emerson | Rx3i Cpe100 | - |
| Operating System | Emerson | Rx3i Cpe100 Firmware | - |
| Hardware | Emerson | Rx3i Cpe115 | - |