CVE-2023-51761

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*

History

10 Jun 2025, 19:15

Type Values Removed Values Added
Summary (en) In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities. (en) In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.
CWE CWE-863

21 Nov 2024, 08:38

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.1
v2 : unknown
v3 : 8.3
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01 - Third Party Advisory, US Government Resource () https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01 - Third Party Advisory, US Government Resource
References () https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf - Vendor Advisory () https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf - Vendor Advisory

15 Feb 2024, 07:24

Type Values Removed Values Added
First Time Emerson
Emerson gc1500xa Firmware
Emerson gc1500xa
Emerson gc700xa
Emerson gc700xa Firmware
Emerson gc370xa Firmware
Emerson gc370xa
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01 - Third Party Advisory, US Government Resource
References () https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf - () https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf - Vendor Advisory
CPE cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*
cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*
cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*
cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.3
v2 : unknown
v3 : 8.1

09 Feb 2024, 14:31

Type Values Removed Values Added
Summary
  • (es) En los productos Emerson Rosemount GC370XA, GC700XA y GC1500XA, un usuario no autenticado con acceso a la red podría omitir la autenticación y adquirir capacidades de administración.

09 Feb 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-09 04:15

Updated : 2025-06-10 19:15


NVD link : CVE-2023-51761

Mitre link : CVE-2023-51761

CVE.ORG link : CVE-2023-51761


JSON object : View

Products Affected

emerson

  • gc700xa
  • gc700xa_firmware
  • gc1500xa_firmware
  • gc1500xa
  • gc370xa_firmware
  • gc370xa
CWE
CWE-863

Incorrect Authorization

CWE-287

Improper Authentication