CVE-2021-27459

Summary

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
n/aEmerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP – all revisions, X-STREAM enhanced XEGK – all revisions, X-STREAM enhanced XEFD – all revisions, X-STREAM enhanced XEXF – all revisionsaffected

Weaknesses

  • CWE-434: UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434

ADP Enrichment

CVE Program Container

Additional References

References