Vulnerability: Misuse of Passwords in Emerson DeltaV DCS Controllers and IO Cards

Vulnerability: Misuse of Passwords in Emerson DeltaV DCS Controllers and IO Cards

CVE-2022-29963 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.