CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2350

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02
http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02

Products affected by CVE-2014-2350

Emerson » Deltav » Version: 10.3.1

cpe:2.3:a:emerson:deltav:10.3.1
Emerson » Deltav » Version: 11.3

cpe:2.3:a:emerson:deltav:11.3
Emerson » Deltav » Version: 11.3.1

cpe:2.3:a:emerson:deltav:11.3.1
Emerson » Deltav » Version: 12.3

cpe:2.3:a:emerson:deltav:12.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2350

Products

Pricing

Contact Us