Primary

Context

Emerson ValveLink Products Uncontrolled Search Path Vulnerability

Vulnerability

Patched

A vulnerability exists in Emerson ValveLink products due to an uncontrolled search path element, allowing unintended actors to potentially manipulate resource locations. This issue affects ValveLink SOLO, DTM, PRM, and SNAP-ON, all versions prior to 14.0.

Impact

Exploitation of this vulnerability could enable an attacker to execute unauthorized code on the affected system.

Remediation

Users are advised to update to ValveLink 14.0 or later. The update is available on the Emerson website. For more information, see the associated Emerson security notification.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

7.5

exploitability

4.7

remediation

7.9

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

7.5

exploitability

4.7

remediation

7.9

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Emerson ValveLink Products Uncontrolled Search Path Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Emerson ValveLink SOLO

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating