CVE-2022-29965

 

  • Severity Score (CVSS v3.1): 5.5
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -
Descriptions

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.


*Credits: N/A
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: None
  • Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-04-29 CVE Reserved
  • 2022-07-26 CVE Published
  • 2024-02-16 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-327: Use of a Broken or Risky Cryptographic Algorithm
Affected Vendors, Products, and Versions

| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Emerson | Deltav Distributed Control System Sq Controller Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Deltav Distributed Control System Sq Controller | - | - | Safe |
| Emerson | Deltav Distributed Control System Sx Controller Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Deltav Distributed Control System Sx Controller | - | - | Safe |
| Emerson | Se4002s1t2b6 High Side 40-pin Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4002s1t2b6 High Side 40-pin Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4003s2b4 16-pin Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4003s2b4 16-pin Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4003s2b524-pin Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4003s2b524-pin Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4017p0 H1 I/o Interface Card And Terminl Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4017p0 H1 I/o Interface Card And Terminl Block | - | - | Safe |
| Emerson | Se4017p1 H1 I/o Card With Integrated Power Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4017p1 H1 I/o Card With Integrated Power | - | - | Safe |
| Emerson | Se4019p0 Simplex H1 4-port Plus Fieldbus I/o Interface With Terminalblock Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4019p0 Simplex H1 4-port Plus Fieldbus I/o Interface With Terminalblock | - | - | Safe |
| Emerson | Se4026 Virtual I/o Module 2 Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4026 Virtual I/o Module 2 | - | - | Safe |
| Emerson | Se4027 Virtual I/o Module 2 Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4027 Virtual I/o Module 2 | - | - | Safe |
| Emerson | Se4032s1t2b8 High Side 40-pin Do Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4032s1t2b8 High Side 40-pin Do Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4037p0 H1 I/o Interface Card And Terminl Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4037p0 H1 I/o Interface Card And Terminl Block | - | - | Safe |
| Emerson | Se4037p1 Redundant H1 I/o Card With Integrated Power And Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4037p1 Redundant H1 I/o Card With Integrated Power And Terminal Block | - | - | Safe |
| Emerson | Se4039p0 Redundant H1 4-port Plus Fieldbus I/o Interface With Terminalblock Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4039p0 Redundant H1 4-port Plus Fieldbus I/o Interface With Terminalblock | - | - | Safe |
| Emerson | Se4052s1t2b6 High Side 40-pin Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4052s1t2b6 High Side 40-pin Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4082s1t2b8 High Side 40-pin Do Mass I/o Terminal Block Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4082s1t2b8 High Side 40-pin Do Mass I/o Terminal Block | - | - | Safe |
| Emerson | Se4100 Simplex Ethernet I/o Card (eioc) Assembly Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4100 Simplex Ethernet I/o Card (eioc) Assembly | - | - | Safe |
| Emerson | Se4101 Simplex Ethernet I/o Card (eioc) Assembly Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4101 Simplex Ethernet I/o Card (eioc) Assembly | - | - | Safe |
| Emerson | Se4801t0x Redundant Wireless I/o Card Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Se4801t0x Redundant Wireless I/o Card | - | - | Safe |
| Emerson | Ve4103 Modbus Tcp Interface For Ethernet Connected I/o (eioc) Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Ve4103 Modbus Tcp Interface For Ethernet Connected I/o (eioc) | - | - | Safe |
| Emerson | Ve4104 Ethernet/ip Control Tag Integration For Ethernet Connected I/o (eioc) Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Ve4104 Ethernet/ip Control Tag Integration For Ethernet Connected I/o (eioc) | - | - | Safe |
| Emerson | Ve4105 Ethernet/ip Interface For Ethernet Connected I/o (eioc) Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Ve4105 Ethernet/ip Interface For Ethernet Connected I/o (eioc) | - | - | Safe |
| Emerson | Ve4106 Opc-ua Client For Ethernet Connected I/o (eioc) Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Ve4106 Opc-ua Client For Ethernet Connected I/o (eioc) | - | - | Safe |
| Emerson | Ve4107 Iec 61850 Mms Interface For Ethernet Connected I/o (eioc) Firmware | <= 2022-04-29 | - | Affected |
| in Emerson | Ve4107 Iec 61850 Mms Interface For Ethernet Connected I/o (eioc) | - | - | Safe |
| Emerson | Deltav Distributed Control System | <= 2022-04-29 | - | Affected |