Lucene search
IcscertCVELIST:CVE-2021-44463HistoryJan 28, 2022 - 7:09 p.m.
CVE-2021-44463 Emerson DeltaV Uncontrolled Search Path Element
2022-01-2819:09:50
icscert
www.cve.org
3
emerson deltav dlls local privilege escalation control system controllers workstations cve-2021-44463 insider threat missing dlls
CVSS3
8.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0
Percentile
0.4%
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started.
Related
nvd
nvd
CVE-2021-44463
2022-01-28 20:15:12
cve
cve
CVE-2021-44463
2022-01-28 20:15:12
prion
prion
Privilege escalation
2022-01-28 20:15:00
ics
ics
Emerson DeltaV
2021-12-21 12:00:00
CVSS3
8.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0
Percentile
0.4%
Related for CVELIST:CVE-2021-44463