CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
10.4%
The Emerson ControlWave ‘Next Generation’ RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.
Vendor | Product | Version | CPE |
---|---|---|---|
emerson | controlwave_pac_firmware | * | cpe:2.3:o:emerson:controlwave_pac_firmware:*:*:*:*:*:*:*:* |
emerson | controlwave_pac | - | cpe:2.3:h:emerson:controlwave_pac:-:*:*:*:*:*:*:* |
emerson | controlwave_micro_firmware | * | cpe:2.3:o:emerson:controlwave_micro_firmware:*:*:*:*:*:*:*:* |
emerson | controlwave_micro | - | cpe:2.3:h:emerson:controlwave_micro:-:*:*:*:*:*:*:* |
More