PT-2018-12726 · Emerson · Emerson Deltav Dcs
Publicado
2018-08-23
·
Atualizado
2022-07-12
·
CVE-2018-14791
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5
Description
The issue allows non-administrative users to change executable and library files on the affected products.
Recommendations
For Emerson DeltaV DCS version 11.3.1, restrict access to executable and library files to prevent unauthorized changes.
For Emerson DeltaV DCS version 12.3.1, limit privileges to prevent non-administrative users from modifying system files.
For Emerson DeltaV DCS version 13.3.0, consider implementing additional access controls to safeguard executable and library files.
For Emerson DeltaV DCS version 13.3.1, apply configuration changes to restrict file modifications to administrative users only.
For Emerson DeltaV DCS version R5, ensure that only authorized personnel have access to modify system files.
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emerson Deltav Dcs