EmersonCVEs & Vulnerabilities

85 CVEs affecting Emerson products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

deltav 65deltav workstation 21wireless 1420 gateway firmware 8wireless 1420 gateway 8x-stream enhanced xefd 7wireless 1410 gateway firmware 7wireless 1410 gateway 7x-stream enhanced xefd firmware 7
CVE-2021-45420KEVCRITICALin the wild

Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced.

11 Apr 2026
9.8
CVSS
CVE-2024-1156HIGH

Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.

20 Feb 2024
7.8
CVSS
CVE-2024-1155HIGH

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.

20 Feb 2024
7.8
CVSS
CVE-2023-51761HIGH

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.

9 Feb 2024
8.1
CVSS
CVE-2023-49716CRITICAL

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer.

9 Feb 2024
9.8
CVSS
CVE-2023-46687CRITICAL

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.

9 Feb 2024
9.8
CVSS
CVE-2023-43609CRITICAL

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition.

9 Feb 2024
9.1
CVSS
CVE-2023-1935CRITICAL

ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an attacker to gain unauthorized access to data or control of the device and cause a denial-of-service condition.

3 Aug 2023
9.4
CVSS
CVE-2022-30260HIGH

Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards.

26 Dec 2022
7.8
CVSS
CVE-2022-2791HIGH

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC.

22 Nov 2022
7.8
CVSS
CVE-2022-2793HIGH

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol.

20 Aug 2022
7.8
CVSS
CVE-2022-2792HIGH

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists.

20 Aug 2022
7.5
CVSS
CVE-2022-2790MEDIUM

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files).

20 Aug 2022
5.9
CVSS
CVE-2022-2789MEDIUM

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic.

20 Aug 2022
5.5
CVSS
CVE-2022-2788HIGH

Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.

20 Aug 2022
7.3
CVSS
CVE-2022-30262HIGH

The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.

17 Aug 2022
7.8
CVSS
CVE-2022-30264CRITICAL

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer files to and from the flash filesystem and carrying out arbitrary file and directory read, write, and delete operations.

16 Aug 2022
9.8
CVSS
CVE-2022-29959MEDIUM

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users are stored insecurely in the SecUsers.ini file by using a simple string transformation rather than a cryptographic mechanism.

16 Aug 2022
5.5
CVSS
CVE-2022-29965MEDIUM

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.

27 Jul 2022
5.5
CVSS
CVE-2022-29964MEDIUM

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350.

27 Jul 2022
5.5
CVSS
CVE-2022-29963MEDIUM

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.

27 Jul 2022
5.5
CVSS
CVE-2022-29962MEDIUM

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.

27 Jul 2022
5.5
CVSS
CVE-2022-29960MEDIUM

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities.

27 Jul 2022
5.5
CVSS
CVE-2022-29957HIGH

The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Management (18519/TCP); Cold restart (18512/UDP); SIS communications (12345/TCP); and Wireless Gateway Protocol (18515/UDP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.

27 Jul 2022
7.8
CVSS
CVE-2020-16235MEDIUM

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained.

19 May 2022
6.5
CVSS
CVE-2020-10640CRITICAL

Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.

24 Feb 2022
9.8
CVSS
CVE-2020-10636HIGH

Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained.

24 Feb 2022
7.5
CVSS
CVE-2020-10632MEDIUM

Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner.

24 Feb 2022
5.3
CVSS
CVE-2021-45421HIGH

Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.

14 Feb 2022
7.5
CVSS
CVE-2021-44463HIGH

Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started.

28 Jan 2022
7.3
CVSS
CVE-2021-26264MEDIUM

A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition.

28 Jan 2022
5.5
CVSS
CVE-2021-45427CRITICAL

Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.

30 Dec 2021
9.8
CVSS
CVE-2021-42542HIGH

The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.

22 Oct 2021
8.8
CVSS
CVE-2021-42540HIGH

The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.

22 Oct 2021
8.8
CVSS
CVE-2021-42539HIGH

The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.

22 Oct 2021
8.8
CVSS
CVE-2021-42538HIGH

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

22 Oct 2021
8.8
CVSS
CVE-2021-42536MEDIUM

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.

22 Oct 2021
6.5
CVSS
CVE-2021-38485HIGH

The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.

22 Oct 2021
8.8
CVSS
CVE-2020-12030CRITICAL

There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway.

29 Sep 2021
10.0
CVSS
CVE-2021-29298MEDIUM

Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe"in the module "fxVPStatcTcp.dll".

30 Jul 2021
5.3
CVSS
CVE-2021-29297MEDIUM

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".

30 Jul 2021
5.3
CVSS
CVE-2021-27467MEDIUM

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.

20 May 2021
6.1
CVSS
CVE-2021-27465MEDIUM

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorrect or undesirable data.

20 May 2021
6.1
CVSS
CVE-2021-27463MEDIUM

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information.

20 May 2021
5.3
CVSS
CVE-2021-27461HIGH

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.

20 May 2021
7.5
CVSS
CVE-2021-27459CRITICAL

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.

20 May 2021
9.8
CVSS
CVE-2021-27457HIGH

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access.

20 May 2021
7.5
CVSS
CVE-2020-19419HIGH

Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication.

10 Mar 2021
7.5
CVSS
← PrevPage 1 / 2Next →