Vulnerability Description
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emerson | Gc370Xa Firmware | 4.1.5 |
| Emerson | Gc370Xa | - |
| Emerson | Gc700Xa Firmware | 4.1.5 |
| Emerson | Gc700Xa | - |
| Emerson | Gc1500Xa Firmware | 4.1.5 |
| Emerson | Gc1500Xa | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01Third Party AdvisoryUS Government Resource
- https://www.emerson.com/documents/automation/security-notification-emerson-gas-cVendor Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01Third Party AdvisoryUS Government Resource
- https://www.emerson.com/documents/automation/security-notification-emerson-gas-cVendor Advisory
FAQ
What is CVE-2023-46687?
CVE-2023-46687 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.
How severe is CVE-2023-46687?
CVE-2023-46687 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-46687?
Check the references section above for vendor advisories and patch information. Affected products include: Emerson Gc370Xa Firmware, Emerson Gc370Xa, Emerson Gc700Xa Firmware, Emerson Gc700Xa, Emerson Gc1500Xa Firmware.