CVE-2014-2350

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.
References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emerson:deltav:10.3.1:*:*:*:*:*:*:*
cpe:2.3:a:emerson:deltav:11.3:*:*:*:*:*:*:*
cpe:2.3:a:emerson:deltav:11.3.1:*:*:*:*:*:*:*
cpe:2.3:a:emerson:deltav:12.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-05-22 20:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-2350

Mitre link : CVE-2014-2350

CVE.ORG link : CVE-2014-2350


JSON object : View

Products Affected

emerson

  • deltav
CWE
CWE-255

Credentials Management Errors