Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 | Mitigation Third Party Advisory US Government Resource |
https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 | Mitigation Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:31
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 8.1 |
References | () https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 - Mitigation, Third Party Advisory, US Government Resource |
12 Jul 2022, 17:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:emerson:deltav:*:*:*:*:*:*:*:* cpe:2.3:h:emerson:deltav_workstation:-:*:*:*:*:*:*:* |
cpe:2.3:a:emerson:deltav:14:feature_pack1:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:14.3.1:*:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:14:feature_pack2:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:13.3.1:*:*:*:*:*:*:* cpe:2.3:a:emerson:deltav:r6:*:*:*:*:*:*:* |
12 Jul 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.3 |
CPE | cpe:2.3:h:emerson:deltav_distributed_control_system:-:*:*:*:*:*:*:* |
cpe:2.3:a:emerson:deltav:*:*:*:*:*:*:*:* |
25 Feb 2022, 14:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:emerson:deltav_workstation_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:emerson:deltav_distributed_control_system:-:*:*:*:*:*:*:* cpe:2.3:o:emerson:deltav_distributed_control_system_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:emerson:deltav_workstation:-:*:*:*:*:*:*:* |
|
CWE | CWE-427 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.3 |
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-04 - Mitigation, Third Party Advisory, US Government Resource |
28 Jan 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-28 20:15
Updated : 2024-11-21 06:31
NVD link : CVE-2021-44463
Mitre link : CVE-2021-44463
CVE.ORG link : CVE-2021-44463
JSON object : View
Products Affected
emerson
- deltav
CWE
CWE-427
Uncontrolled Search Path Element