Vulnerability CVE-2022-2791

Vulnerability CVE-2022-2791

Published: 2022-11-22

Description:

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC.

Type:

CWE-434

(Unrestricted Upload of File with Dangerous Type)

References:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06

Copyright 2026, cxsecurity.com