← Back to home
ICSA-20-049-02  ·  Published 2020-02-18  ·  View on CISA ICS-CERT ↗

Emerson OpenEnterprise

CVSS 8.1 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA Server.

CVEs (1)

Remediations

  • Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 4 (3.3.4), to resolve this issue. OpenEnterprise Service Packs are available to users with access to the Emerson SupportNet system (login required). Details will be found in the downloads area.
  • Please send any questions via a SupportNet ticket or by contacting Emerson at US 800-537-9313. For users outside of the United States, please use international toll-free numbers.

Affected Vendors

Emerson

Affected Products (2)

Emerson · OpenEnterprise 2.83
Emerson · OpenEnterprise 3.1 through 3.3.3 vers:all/*

Affected Sectors

Energy, Chemical, Transportation, Water and Wastewater

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more