CVE-2025-53471 | THREATINT

Description

Emerson ValveLink products receive input or data, but it do not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

PUBLISHED Reserved 2025-06-30 | Published 2025-07-10 | Updated 2025-07-11 | Assigner icscert

MEDIUM: 5.1CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

MEDIUM: 5.9CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

Product status

Default status

unaffected

Any version before ValveLink 14.0

affected

Default status

unaffected

Any version before ValveLink 14.0

affected

Default status

unaffected

Any version before ValveLink 14.0

affected

Default status

unaffected

Any version before ValveLink 14.0

affected

Credits

Emerson reported these vulnerabilities to CISA. finder

References

www.cisa.gov/news-events/ics-advisories/icsa-25-189-01

www.emerson.com/en-us/support/security-notifications

www.emerson.com/en-us/support/software-downloads-drivers

cve.org (CVE-2025-53471)

nvd.nist.gov (CVE-2025-53471)

Download JSON

help @ threatint.eu