Vulnerability: Misuse of Passwords in Emerson DeltaV Distributed Control System (DCS) Controllers and IO Cards

Vulnerability: Misuse of Passwords in Emerson DeltaV Distributed Control System (DCS) Controllers and IO Cards

CVE-2022-29964 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.