ICSA-20-352-01
·
Published 2020-12-17
·
View on CISA ICS-CERT ↗
Emerson Rosemount X-STREAM
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker through a specially crafted URL to download files and obtain sensitive information.
CVEs (1)
Remediations
- Emerson recommends users update the firmware of any affected products. A new release that addresses the issues identified in this Cybersecurity Notification impacting the affected products is available. For information on how to obtain the update contact [email protected]
- In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices. In the event such infrastructure is not implemented within an end user's network, action should be taken to ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information on the Emerson Security notifications page.
Affected Vendors
Emerson
Affected Products (4)
Emerson
·
X-STREAM enhanced XEGK
vers:all/*
Emerson
·
X-STREAM enhanced XEXF
vers:all/*
Emerson
·
X-STREAM enhanced XEGP
vers:all/*
Emerson
·
X-STREAM enhanced XEFD
vers:all/*
Affected Sectors
Energy, Chemical
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more