The affected components may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.
Inadequate folder security permissions may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner.
Inadequate encryption may allow the passwords for OpenEnterprise user accounts to be obtained.
OpenEnterprise all versions through 3.3.4
Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 5 (3.3.5).