6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%
DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution.
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(500397);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");
script_cve_id("CVE-2018-14793");
script_name(english:"Emerson DeltaV DCS Workstations Stack-Based Buffer Overflow (CVE-2018-14793)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open
communication port to allow arbitrary code execution.
This plugin only works with Tenable.ot. Please visit
https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/105105");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Emerson recommends users patch the affected products listed below:
- DeltaV DCS Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5: Apply patch from vendor.
Software patches are available to users with access to the Guardian Support Portal at
https://guardian.emersonprocess.com/. Please refer to the Knowledge Base Article AK-1800- 0042 (DSN18003) for more
information.
Vulnerabilities CVE-2018-14797, CVE-2018-14795, and CVE-2018-14791 cannot be exploited if application whitelisting is
implemented since it would prevent files from being overwritten.
To limit exposure to these and other vulnerabilities, Emerson recommends deploying and configuring DeltaV systems and
related components as described in the DeltaV Security Manual, which is available in EmersonΓ’ΒΒs Guardian Support Portal.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14793");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(119);
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/21");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emerson:deltav:13.3.1");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emerson:deltav:11.3.1");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emerson:deltav:12.3.1");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emerson:deltav:13.3.0");
script_set_attribute(attribute:"cpe", value:"cpe:/a:emerson:deltav:r5");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Emerson");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Emerson');
var asset = tenable_ot::assets::get(vendor:'Emerson');
var vuln_cpes = {
"cpe:/a:emerson:deltav:13.3.1" :
{"versionEndIncluding" : "13.3.1", "versionStartIncluding" : "13.3.1", "family" : "DeltaV"},
"cpe:/a:emerson:deltav:11.3.1" :
{"versionEndIncluding" : "11.3.1", "versionStartIncluding" : "11.3.1", "family" : "DeltaV"},
"cpe:/a:emerson:deltav:12.3.1" :
{"versionEndIncluding" : "12.3.1", "versionStartIncluding" : "12.3.1", "family" : "DeltaV"},
"cpe:/a:emerson:deltav:13.3.0" :
{"versionEndIncluding" : "13.3.0", "versionStartIncluding" : "13.3.0", "family" : "DeltaV"},
"cpe:/a:emerson:deltav:r5" :
{"versionEndIncluding" : "r5", "versionStartIncluding" : "r5", "family" : "DeltaV"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%