CVE-2021-38485 : What You Need to Know

This article provides detailed information about CVE-2021-38485, a vulnerability affecting Emerson WirelessHART Gateway.

Understanding CVE-2021-38485

CVE-2021-38485 is a vulnerability that allows an attacker to provide malicious config files to replace any file on disk due to improper input validation in the restore file of Emerson WirelessHART Gateway.

What is CVE-2021-38485?

The affected product, WirelessHART Gateway by Emerson, is vulnerable to improper input validation in the restore file, enabling attackers to replace files on disk with malicious config files.

The Impact of CVE-2021-38485

This vulnerability has a CVSS v3.1 base score of 8, indicating a high severity issue with confidentiality, integrity, and availability impacts. It requires low privileges and user interaction for exploitation.

Technical Details of CVE-2021-38485

The following technical details outline the vulnerability:

Vulnerability Description

Improper input validation in the restore file allows attackers to provide malicious config files to replace any file on disk.

Affected Systems and Versions

Emerson WirelessHART Gateway versions 1410, 1410D, and 1420 with a firmware version less than or equal to 4.7.94 are affected.

Exploitation Mechanism

Attackers can exploit this vulnerability by providing malicious config files to replace legitimate files on the device.

Mitigation and Prevention

To address CVE-2021-38485, consider the following mitigation steps:

Immediate Steps to Take

Emerson recommends upgrading to version 4.7.105 to remediate these vulnerabilities. Users can visit the Emerson Gate Firmware site for download instructions.

Long-Term Security Practices

Implement security best practices such as regularly updating firmware and validating input data to prevent similar vulnerabilities.

Patching and Updates

Ensure timely patching of affected systems and stay informed about security updates to protect against potential threats.