CVE-2020-6971
HIGHEmerson ValveLink 12.0.264-13.4.118 - Privilege Escalation via Insecure Configuration Parameters
Title source: llmDescription
In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-20-063-01
Scores
CVSS v3
7.8
EPSS
0.0028
EPSS Percentile
19.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-284
Status
published
Products (1)
emerson/valvelink
12.0.264 - 13.4.118
Published
Mar 05, 2020
Tracked Since
Feb 18, 2026