Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 | Mitigation Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2022, 17:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:emerson:deltav_workstation:-:*:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:*:*:*:*:*:*:*:* |
cpe:2.3:a:emerson:deltav:14:feature_pack1:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:14.3.1:*:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:r6:*:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:14:feature_pack2:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:13.3.1:*:*:*:*:*:*:* |
12 Jul 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:emerson:deltav_distributed_control_system:-:*:*:*:*:*:*:* |
cpe:2.3:a:emerson:deltav:*:*:*:*:*:*:*:* |
First Time |
Emerson deltav
|
|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.3 |
25 Feb 2022, 14:26
Type | Values Removed | Values Added |
---|---|---|
First Time |
Emerson deltav Distributed Control System Firmware
Emerson deltav Distributed Control System Emerson deltav Workstation Emerson deltav Workstation Firmware Emerson |
|
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 - Mitigation, Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.3 |
CWE | CWE-427 | |
CPE | cpe:2.3:o:emerson:deltav_distributed_control_system_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:emerson:deltav_distributed_control_system:-:*:*:*:*:*:*:* cpe:2.3:h:emerson:deltav_workstation:-:*:*:*:*:*:*:* cpe:2.3:o:emerson:deltav_workstation_firmware:*:*:*:*:*:*:*:* |
28 Jan 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-28 20:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-44463
Mitre link : CVE-2021-44463
CVE.ORG link : CVE-2021-44463
JSON object : View
Products Affected
emerson
- deltav
CWE
CWE-427
Uncontrolled Search Path Element