CVE-2023-46687

Summary

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer.

Affected Software

VendorProductVersion RangeStatus
EmersonRosemount GC370XA0 <= Version 4.1.5affected
EmersonRosemount GC700XA0 <= Version 4.1.5affected
EmersonRosemount GC1500XA0 <= Version 4.1.5affected

Weaknesses

  • CWE-77: CWE-77 Command Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References