CVE-2021-27465

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorre...

CVE-2021-27461

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs...

CVE-2021-27463

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive...

CVE-2021-27457

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access...

EUVD-2021-14211

Malware in sbrugna...

EUVD-2021-14215

Malware in sbrugna...

EUVD-2021-14213

Malware in sbrugna...

EUVD-2021-14219

Malware in sbrugna...

EUVD-2021-14221

Malware in sbrugna...

EUVD-2023-56452

Malicious code in bioql PyPI...

EUVD-2023-53647

Malicious code in bioql PyPI...

EUVD-2023-50875

Malicious code in bioql PyPI...

CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information...

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service DoS condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and resid...

The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is caused by deficiencies in the authentication process, which allows unauthorized access to confidential information or causes service failures.

The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is related to deficiencies in the authentication process. Exploiting this vulnerability can allow unauthorized individuals to access confidential information or cause service failures...

CVE-2023-49716

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer...

CVE-2023-51761

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities...

CVE-2023-49716

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer...

CVE-2023-51761

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities...

CVE-2023-43609

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition...