CVE-2014-2350CVE-2014-2350

Affected configuration(s):

cpe:/a:emerson:deltav:10.3.1
cpe:/a:emerson:deltav:11.3
cpe:/a:emerson:deltav:11.3.1
cpe:/a:emerson:deltav:12.3

Date published: 2014-05-22T16:55:06.440-04:00

Date last modified: 2014-05-23T10:14:49.323-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02

Summary: Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.