CVE-2025-48496

Emerson ValveLink products 
use a fixed or controlled search path to find resources, but one or 
more locations in that path can be under the control of unintended 
actors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.1 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
icscertCNA
5.1 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-189-01
https://www.emerson.com/en-us/support/security-notifications
https://www.emerson.com/en-us/support/software-downloads-drivers