Emerson Openenterprise Scada Server — known CVE vulnerabilities
Every CVE whose affected-product data names Emerson Openenterprise Scada Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-10640 — CVSS 10.0 (critical): Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote…
CVE-2020-6970 — CVSS 9.8 (critical): A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are…
CVE-2020-10632 — CVSS 8.8 (high): Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration…
CVE-2020-10636 — CVSS 6.5 (medium): Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained.
CVE-2020-16235 — CVSS 3.8 (low): Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and…