Deltav@11.3.1 Security Vulnerabilities and Issues — Deltav@11.3.1 CVE List

Lucene search

EmersonDeltav11.3.1

13 matches found

CVE•added 2014/05/22 8:55 p.m.•54 views

CVE-2014-2350

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

7.5CVSS5.3AI score0.00133EPSS

CVE•added 2018/08/21 2:29 p.m.•49 views

CVE-2018-14795

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files.

8.8CVSS8.5AI score0.01801EPSS

CVE•added 2018/08/23 7:29 p.m.•48 views

CVE-2018-14791

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products.

7.8CVSS7.5AI score0.0008EPSS

CVE•added 2012/06/08 6:55 p.m.•46 views

CVE-2012-1814

Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00567EPSS

CVE•added 2014/05/22 8:55 p.m.•46 views

CVE-2014-2349

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges.

4.6CVSS6.3AI score0.00052EPSS

CVE•added 2018/08/21 2:29 p.m.•45 views

CVE-2018-14793

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution.

8.8CVSS9AI score0.00247EPSS

CVE•added 2019/01/25 8:29 p.m.•45 views

CVE-2018-19021

A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service.

6.5CVSS6.5AI score0.00495EPSS

CVE•added 2018/08/23 7:29 p.m.•42 views

CVE-2018-14797

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution.

7.8CVSS7.7AI score0.00225EPSS

CVE•added 2012/06/08 6:55 p.m.•41 views

CVE-2012-1817

Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via an invalid field in a project file.

7.5CVSS8.2AI score0.02379EPSS

CVE•added 2012/06/08 6:55 p.m.•41 views

CVE-2012-1818

An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors.

6.4CVSS7AI score0.00562EPSS

CVE•added 2012/06/08 6:55 p.m.•40 views

CVE-2012-1815

SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.6AI score0.00517EPSS

CVE•added 2012/06/08 6:55 p.m.•39 views

CVE-2012-1816

PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) TCP or (2) UDP packet to port 111.

5CVSS6.8AI score0.00785EPSS

CVE•added 2012/10/01 6:55 p.m.•39 views

CVE-2012-3035

Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port.

5CVSS7AI score0.00738EPSS