Browse all 4 CVE security advisories affecting Valmet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Valmet provides automation and technology solutions for the pulp, paper, and energy industries, focusing on process control systems and industrial automation. Historically, their systems have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and misconfigured access controls. While no major public security incidents have been widely reported, the presence of four CVEs indicates ongoing security challenges in their web interfaces and control systems. Their industrial control systems face typical OT security risks, including potential for disruption in critical infrastructure environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0416 | Valmet DNA Local privilege escalation through insecure DCOM configuration — Valmet DNACWE-269 | 7.8AI | HighAI | 2025-04-01 |
| CVE-2025-0417 | Valmet DNA Lack of protection against brute force attacks — Valmet DNACWE-307 | 9.1AI | CriticalAI | 2025-04-01 |
| CVE-2025-0418 | Valmet DNA user passwords in plain text — Valmet DNACWE-312 | 5.5AI | MediumAI | 2025-04-01 |
This page lists every published CVE security advisory associated with Valmet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.