EUVD-2021-29508

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Affected product has missing permission validation on backup restore, risking account take over.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2021-42539	22 Oct 202118:39	–	circl
CNNVD	Emerson WirelessHART Gateway 访问控制错误漏洞	22 Oct 202100:00	–	cnnvd
CVE	CVE-2021-42539	22 Oct 202113:23	–	cve
Cvelist	CVE-2021-42539 Emerson WirelessHART Gateway	22 Oct 202113:23	–	cvelist
ICS	Emerson WirelessHART Gateway	5 Oct 202100:00	–	ics
NVD	CVE-2021-42539	22 Oct 202114:15	–	nvd
OSV	CVE-2021-42539	22 Oct 202114:15	–	osv
Prion	Design/Logic Flaw	22 Oct 202114:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "9851109d-78a8-31c0-8110-52809ec8506c",
        "vendor": {
          "name": "Emerson"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0ce9e410-03d8-396c-9399-58015e33ee88",
        "product": {
          "name": "WirelessHART Gateway"
        },
        "product_version": "1420 ≤4.7.94"
      },
      {
        "id": "1b05f424-caf3-3d4f-b34d-363234ce6686",
        "product": {
          "name": "WirelessHART Gateway"
        },
        "product_version": "1410D ≤4.7.94"
      },
      {
        "id": "2dc42122-4afc-32ba-9121-a37b4ed71a09",
        "product": {
          "name": "WirelessHART Gateway"
        },
        "product_version": "1410 ≤4.7.94"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-21-278-02

03 Oct 2025 20:07Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18 - 8.8

CVSS 26.5

EPSS0.00175

vulnerability permission validation account takeover backup restore settings change