X Stream Enhanced Xegp Firmware
CVE-2020-27254
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF - all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information.
AnalysisAI
Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF - all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF - all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information. Affected products include: Emerson X-Stream Enhanced Xegp Firmware, Emerson X-Stream Enhanced Xegk Firmware, Emerson X-Stream Enhanced Xefd Firmware, Emerson X-Stream Enhanced Xexf Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated critical severity
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated high severity (CV
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated high severity (CV
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated medium severity (
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated medium severity (
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. Rated medium severity (
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today