Emerson WirelessHART Gateway (ICSA-20-135-02) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on an improper access control vulnerability in Emerson WirelessHART Gateway. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could disable the internal gateway firewall. Once the gateway’s firewall is disabled, a malicious user could issue specific commands to the gateway, which could then be forwarded on to the end user’s wireless devices. Emerson recommends end users update the firmware on VLAN-enabled Version 4 gateways as soon as possible. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.