Lucene search

K
cvelistMitreCVELIST:CVE-2022-29957
HistoryJul 26, 2022 - 9:14 p.m.

CVE-2022-29957

2022-07-2621:14:50
mitre
www.cve.org

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Management (18519/TCP); Cold restart (18512/UDP); SIS communications (12345/TCP); and Wireless Gateway Protocol (18515/UDP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

Related for CVELIST:CVE-2022-29957