CVE-2025-53471
5.1
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Emerson ValveLink products receive input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Emerson | ValveLink SOLO | 0 < ValveLink 14.0 | affected |
| Emerson | ValveLink SOLO | ValveLink 14.0 | unaffected |
| Emerson | ValveLink DTM | 0 < ValveLink 14.0 | affected |
| Emerson | ValveLink DTM | ValveLink 14.0 | unaffected |
| Emerson | ValveLink PRM | 0 < ValveLink 14.0 | affected |
| Emerson | ValveLink PRM | ValveLink 14.0 | unaffected |
| Emerson | ValveLink SNAP-ON | 0 < ValveLink 14.0 | affected |
| Emerson | ValveLink SNAP-ON | ValveLink 14.0 | unaffected |
Weaknesses
- CWE-20: CWE-20
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-189-01
- https://www.emerson.com/en-us/support/security-notifications
- https://www.emerson.com/en-us/support/software-downloads-drivers
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-189-01.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.