← Back to home
ICSA-18-058-03  ·  Published 2018-02-27  ·  View on CISA ICS-CERT ↗

Emerson ControlWave Micro Process Automation Controller

CVSS 7.5 HIGH

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit.

CVEs (1)

Remediations

  • Assess which ControlWave products in your organization have Ethernet connectivity.
  • Upgrade the affected devices to firmware version 05.79.00 to correct this possible action. System firmware upgrade instructions are available in product documentation (ControlWave Micro Process Automation Controller Instruction Manual, part D301392X012).
  • The resolution described is available only to the user when appropriately incorporated into the application running in ControlWave Micro firmware.
  • Prior to upgrading the system firmware, always perform a full alarm and historical collection (archive files as well as audit logs).
  • The release notes and firmware upgrade are available to registered users at the following link:

Affected Vendors

Emerson

Affected Products (1)

Emerson · ControlWave Micro [ProConOS v.4.01.280] firmware <=05.78.00

Affected Sectors

Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more