2 matches found
CVE-2022-30262
The CVE-2022-30262 entry concerns Emerson ControlWave ‘Next Generation’ RTUs (through 2022-05-02) with firmware updates transmitted over BSAP-IP. The vulnerability is insufficient verification of data authenticity: firmware images in CAB archives are not authenticated (no signing) and rely on ins...
CVE-2018-5452
The CVE-2018-5452 vulnerability affects Emerson ControlWave Micro Process Automation Controller (ProConOS v.4.01.280; firmware CWM v.05.78.00 and earlier). It is a stack-based buffer overflow triggered by crafting packets to port 20547, which can cause the PLC to halt. Impact described includes p...