Cleartext Storage of Sensitive Information in Memory

CVE-2025-50109

High

8.5/10

Summary

Emerson ValveLink Products store sensitive information in cleartext within a resource that might be accessible to another control sphere.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-316 - Cleartext Storage of Sensitive Information in Memory

The application stores sensitive information in cleartext in memory.

References

Advisory Timeline

Published Jul 11, 2025