Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Emerson ControlWave 数据伪造问题漏洞
Vulnerability Description
Emerson ControlWave是美国艾默生电气(Emerson)公司的一款高度可编程的控制器,它将可编程逻辑控制器 (PLC) 和远程终端单元 (RTU) 的独特功能结合到一个混合控制器中。 Emerson ControlWave 所有版本存在数据伪造问题漏洞,该漏洞源于数据真实性验证不足。
CVSS Information
N/A
Vulnerability Type
N/A