4 matches found
Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29964)
The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350. - The Emerson DeltaV Distributed Control System DCS...
CVE-2022-29964
The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350...
CVE-2022-29964
Summary of the CVE-2022-29964 family (Emerson DeltaV DCS): The vulnerabilities involve misuse of passwords in DeltaV controllers and IO cards up to 2022-04-29. Specifically, WIOC SSH provides a root/DeltaV/backup shell via hardcoded credentials, enabling local access. The issue affects S-series, ...
Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29962, CVE-2022-29963, CVE-2022-29964, CVE-2022-29965, CVE-2022-30261, CVE-2022-30263, CVE-2022-30266)
The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...