CVE-2020-12030 CRITICAL

CVE-2020-12030: Emerson WirelessHART Gateway

Vendor Emerson
Product Wireless 1410 Gateway
Weakness CWE-284
Published September 29, 2021
Last update August 4, 2024

CVSS base score

10.0/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway.

Key dates

02Disclosure timeline

September 29, 2021 CVE published
August 4, 2024 Record updated