CVE-2025-48496

Summary

Emerson ValveLink products use a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Affected Software

VendorProductVersion RangeStatus
EmersonValveLink SOLO0 < ValveLink 14.0affected
EmersonValveLink DTM0 < ValveLink 14.0affected
EmersonValveLink PRM0 < ValveLink 14.0affected
EmersonValveLink SNAP-ON0 < ValveLink 14.0affected

Weaknesses

  • CWE-427: CWE-427

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References