CVE-2021-42538

Emerson WirelessHART Gateway

Description

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

Solution:

Emerson recommends upgrading to v4.7.105 to address these vulnerabilities. Users can visit the Emerson Gate Firmware site for and download instructions. If affected users do not yet have a free Guardian account, please see the updated Emerson Gateway Firmware download process by following the link above and viewing the download guide.

Link	Tags
https://us-cert.cisa.gov/ics/advisories/icsa-21-278-02	us government resource third party advisory patch

What is the severity of CVE-2021-42538?: CVE-2021-42538 has been scored as a high severity vulnerability.
How to fix CVE-2021-42538?: To fix CVE-2021-42538: Emerson recommends upgrading to v4.7.105 to address these vulnerabilities. Users can visit the Emerson Gate Firmware site for and download instructions. If affected users do not yet have a free Guardian account, please see the updated Emerson Gateway Firmware download process by following the link above and viewing the download guide.
Is CVE-2021-42538 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-42538 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-42538?: CVE-2021-42538 affects Emerson WirelessHART Gateway.