Insufficient Firmware Integrity Verification in Emerson DeltaV Distributed Control System (DCS)

Insufficient Firmware Integrity Verification in Emerson DeltaV Distributed Control System (DCS)

CVE-2022-30260 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards.

Learn more about our Web Application Penetration Testing UK.