← back
CVE-2021-38485

Emerson WirelessHART Gateway

CVSS 8 HIGHEPSS 0.9%CWE-20
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Oct 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Emerson · WirelessHART Gateway

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-278-02