Filtered by vendor Emerson
Subscribe
Total
85 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9345 | 1 Emerson | 1 Deltav | 2025-04-20 | 4.9 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the DeltaV control system. | |||||
| CVE-2016-8348 | 1 Emerson | 1 Liebert Sitescan Web | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior. An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network. | |||||
| CVE-2016-9347 | 1 Emerson | 4 Se4801t0x Redundant Wireless I\/o Card, Se4801t0x Redundant Wireless I\/o Card Firmware, Se4801t1x Simplex Wireless I\/o Card and 1 more | 2025-04-20 | 5.4 MEDIUM | 5.0 MEDIUM |
| An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. DeltaV Wireless I/O Cards (WIOC) running the firmware available in the DeltaV system, release v13.3, have the SSH (Secure Shell) functionality enabled unnecessarily. | |||||
| CVE-2021-44463 | 1 Emerson | 1 Deltav | 2025-04-17 | 6.9 MEDIUM | 8.1 HIGH |
| Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started. | |||||
| CVE-2021-26264 | 1 Emerson | 2 Deltav Distributed Control System, Deltav Workstation | 2025-04-17 | 4.9 MEDIUM | 6.1 MEDIUM |
| A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition. | |||||
| CVE-2014-2349 | 1 Emerson | 1 Deltav | 2025-04-12 | 4.6 MEDIUM | N/A |
| Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges. | |||||
| CVE-2013-2810 | 1 Emerson | 6 Dl 8000 Remote Terminal Unit, Dl 8000 Remote Terminal Unit Firmware, Roc 800 Remote Terminal Unit and 3 more | 2025-04-12 | 10.0 HIGH | N/A |
| Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack. | |||||
| CVE-2014-2350 | 1 Emerson | 1 Deltav | 2025-04-12 | 7.5 HIGH | N/A |
| Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program. | |||||
| CVE-2015-1008 | 1 Emerson | 1 Ams Device Manager | 2025-04-12 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input. | |||||
| CVE-2013-6030 | 1 Emerson | 1 Network Power Avocent Mergepoint Unity 2016 Firmware | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file. | |||||
| CVE-2012-1816 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 5.0 MEDIUM | N/A |
| PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) TCP or (2) UDP packet to port 111. | |||||
| CVE-2012-3035 | 1 Emerson | 1 Deltav | 2025-04-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port. | |||||
| CVE-2013-0694 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2025-04-11 | 9.0 HIGH | N/A |
| The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by leveraging knowledge of the ROM contents from a product installation elsewhere. | |||||
| CVE-2012-1817 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via an invalid field in a project file. | |||||
| CVE-2013-0689 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-1815 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-0693 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic. | |||||
| CVE-2013-0692 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. | |||||
| CVE-2012-1818 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 6.4 MEDIUM | N/A |
| An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors. | |||||
| CVE-2012-1814 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||