Description
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-138-01
Scores
CVSS v3
6.1
EPSS
0.0070
EPSS Percentile
48.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-1021
Status
published
Products (4)
emerson/x-stream_enhanced_xefd_firmware
emerson/x-stream_enhanced_xegk_firmware
emerson/x-stream_enhanced_xegp_firmware
emerson/x-stream_enhanced_xexf_firmware
Published
May 20, 2021
Tracked Since
Feb 18, 2026