CVE-2025-53471
5.1 MEDIUMEmerson ValveLink products receive input or data, but does not validate or incorrectly validates that the input has the properties that...
Published: 2025-07-11 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 5.1 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
- CWE
- CWE-20
Description
Emerson ValveLink products receive input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-53471
- [Other]https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-189-01.json
- [Other]https://www.cisa.gov/news-events/ics-advisories/icsa-25-189-01
- [Other]https://www.emerson.com/en-us/support/security-notifications
- [Other]https://www.emerson.com/en-us/support/software-downloads-drivers
Related CVEs
Same CWE
- CVE-2026-12191 — A vulnerability was found in Comma AI Openpilot 0.11 (7.8 HIGH)
- CVE-2026-45013 — ApostropheCMS is an open-source Node.js content management system (8.1 HIGH)
- CVE-2026-54133 — jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP app... (9.8 CRITICAL)
- CVE-2026-47196 — Quest Bot is an opensource Discord Bot
- CVE-2026-50633 — A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an atta... (8.1 HIGH)