PT-2022-3156 · Emerson · Emerson Deltav Distributed Control System
Published
2022-06-22
·
Updated
2023-01-24
·
CVE-2022-29957
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Emerson DeltaV Distributed Control System (DCS) through 2022-04-29
Description
The issue is related to weaknesses in the authentication procedure of the Emerson DeltaV Distributed Control System (DCS). This allows a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The system utilizes several proprietary protocols for various functionalities, including Firmware upgrade, Plug-and-Play, Hawk services, Management, Cold restart, SIS communications, and Wireless Gateway Protocol, all of which lack authentication features. This enables any attacker who can communicate with the relevant ports to invoke desired functionality.
Recommendations
For Emerson DeltaV Distributed Control System (DCS) through 2022-04-29, consider disabling or restricting access to the proprietary protocols until a patch is available. Specifically, restrict access to the following protocols:
- Firmware upgrade on ports 18508/TCP and 18518/TCP
- Plug-and-Play on port 18510/UDP
- Hawk services on port 18507/UDP
- Management on port 18519/TCP
- Cold restart on port 18512/UDP
- SIS communications on port 12345/TCP
- Wireless Gateway Protocol on port 18515/UDP As a temporary workaround, limit the ability of attackers to communicate with these ports to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authentication
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Emerson Deltav Distributed Control System