4 matches found
Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29962)
The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials but may often be disabled in production. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. - The Emerson...
CVE-2022-29962
The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials but may often be disabled in production. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...
CVE-2022-29962
CVE-2022-29962 affects Emerson DeltaV DCS controllers and IO cards (S-series, P-series, CIOC/EIOC) with hardcoded FTP credentials used up to 2022-04-29. The issue stems from misuse of passwords and an FTP service that may be disabled in production; the CVSSv3.1 vector indicates local access, low ...
Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29962, CVE-2022-29963, CVE-2022-29964, CVE-2022-29965, CVE-2022-30261, CVE-2022-30263, CVE-2022-30266)
The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...