CVE-2021-44463

Name of the Vulnerable Software and Affected Versions DeltaV Distributed Control System Controllers and Workstations (All versions)

Description The issue allows an attacker to achieve local privilege escalation when some DeltaV services are started, by replacing missing DLLs. This could be done by an insider.

Recommendations For all versions, consider restricting access to the system to prevent insiders from replacing DLLs until a fix is available. As a temporary workaround, monitor the system for any suspicious activity related to DeltaV services. At the moment, there is no information about a newer version that contains a fix for this vulnerability.