Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-29957

The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Management (18519/TCP); Cold restart (18512/UDP); SIS communications (12345/TCP); and Wireless Gateway Protocol (18515/UDP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.8%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2022-29957


Contact Us

Shodan ® - All rights reserved