CVE-2014-2350

Summary

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

Affected Software

VendorProductVersion RangeStatus
EmersonDeltaV10.3.1affected
EmersonDeltaV11.3affected
EmersonDeltaV11.3.1affected
EmersonDeltaV12.3affected

Weaknesses

  • CWE-798: CWE-798

ADP Enrichment

CVE Program Container

Additional References

References