Vulnerabilities (CVE)

Filtered by vendor Emerson Subscribe
Filtered by product Controlwave Pac
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30262 1 Emerson 4 Controlwave Micro, Controlwave Micro Firmware, Controlwave Pac and 1 more 2024-11-21 N/A 7.8 HIGH
The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.