Emerson SE4017P0 H1 I/O Interface Card And Terminl Block

CPE Details

Emerson SE4017P0 H1 I/O Interface Card And Terminl Block
-
2022-08-03 14:32 +00:00
2022-09-07 14:18 +00:00

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:h:emerson:se4017p0_h1_i\/o_interface_card_and_terminl_block:-:*:*:*:*:*:*:*

Informations

Vendor

emerson

Product

se4017p0_h1_i\/o_interface_card_and_terminl_block

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-30260 2022-12-25 23:00 +00:00 Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards.
7.8
HIGH
CVE-2022-29962 2022-07-26 19:14 +00:00 The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.
5.5
MEDIUM
CVE-2022-29963 2022-07-26 19:14 +00:00 The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.
5.5
MEDIUM
CVE-2022-29964 2022-07-26 19:14 +00:00 The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350.
5.5
MEDIUM
CVE-2022-29965 2022-07-26 19:14 +00:00 The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.
5.5
MEDIUM
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.