Emerson Electrics Proficy
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Emerson Electrics Proficy.
By the Year
In 2026 there have been 0 vulnerabilities in Emerson Electrics Proficy. Electrics Proficy did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 5 | 6.80 |
It may take a day or so for new Electrics Proficy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Emerson Electrics Proficy Security Vulnerabilities
Proficy Machine Edition <9.0 CVE-2022-2789 CWE-345 Data Auth. Verification
CVE-2022-2789
5.5 - Medium
- August 19, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic.
Insufficient Verification of Data Authenticity
Emerson Proficy Machine Edition v9.00 SRTP Integrity Check Failure
CVE-2022-2793
7.8 - High
- August 19, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol.
Insufficient Verification of Data Authenticity
Proficy ME v9.00 & prior Improper ACL on Project Data Dir
CVE-2022-2792
7.5 - High
- August 19, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists.
Proficy Machine Edition 9.00 Improper Crypto Signature Verification (CWE347)
CVE-2022-2790
5.9 - Medium
- August 19, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files).
Improper Verification of Cryptographic Signature
Proficy Machine Edition 9.8 Path Traversal (ZipSlip) via Upload Procedure
CVE-2022-2788
7.3 - High
- August 19, 2022
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Emerson Electrics Proficy or by Emerson? Click the Watch button to subscribe.
