CVE-2025-46358

Emerson ValveLink Products Protection Mechanism Failure

Description

Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Remediation

Solution:

Emerson recommends users update their Valvelink software to ValveLink 14.0 or later. The upgrade can be downloaded from the Emerson website https://www.emerson.com/en-us/support/software-downloads-drivers .For more information see the associated Emerson security notification. https://www.emerson.com/en-us/support/security-notifications

References

Link	Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-25-189-01
https://www.emerson.com/en-us/support/security-notifications
https://www.emerson.com/en-us/support/software-downloads-drivers

Frequently Asked Questions

What is the severity of CVE-2025-46358?: CVE-2025-46358 has been scored as a high severity vulnerability.
How to fix CVE-2025-46358?: To fix CVE-2025-46358: Emerson recommends users update their Valvelink software to ValveLink 14.0 or later. The upgrade can be downloaded from the Emerson website https://www.emerson.com/en-us/support/software-downloads-drivers .For more information see the associated Emerson security notification. https://www.emerson.com/en-us/support/security-notifications
Is CVE-2025-46358 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-46358 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-46358?: CVE-2025-46358 affects Emerson ValveLink SOLO, Emerson ValveLink DTM, Emerson ValveLink PRM, Emerson ValveLink SNAP-ON.

Description

Remediation

Category

CWE-693 – Protection Mechanism Failure

References

Frequently Asked Questions