CVE-2021-42540
CWE-123 WRITE-WHAT-WHERE CONDITION:
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
Risk Information
- CVE ID
- CVE-2021-42540
- Vendor
- Emerson
- Product
- WirelessHART Gateway
- CVSS v3
- 8.0