CVE-2021-27465

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorre...

CVE-2021-27461

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs...

CVE-2021-27463

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive...

CVE-2021-27457

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access...

EUVD-2021-14219

Malware in sbrugna...

EUVD-2021-14221

Malware in sbrugna...

EUVD-2021-14215

Malware in sbrugna...

EUVD-2021-14211

Malware in sbrugna...

EUVD-2021-14213

Malware in sbrugna...

EUVD-2023-56452

Malicious code in bioql PyPI...

EUVD-2023-50875

Malicious code in bioql PyPI...

EUVD-2023-53647

Malicious code in bioql PyPI...

CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information...

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service DoS condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and resid...

CVE-2023-51761

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities...

CVE-2023-51761

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities...

CVE-2023-49716

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer...

CVE-2023-49716

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer...

CVE-2023-43609

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition...

CVE-2023-46687

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer...