Vulnerabilities > CVE-2012-4703 - Resource Management Errors vulnerability in Emerson products

CVSS 6.1 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

low complexity

emerson

CWE-399

NVD

Published: 2013-03-11

Updated: 2013-03-18

Summary

The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513.

Vulnerable Configurations

Part	Description	Count
Application	Emerson Emerson Deltav Se3006 SD Plus Controller * Emerson Deltav Ve3005 Controller MD * Emerson Deltav Ve3006 Controller MD Plus *	3

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://ics-cert.us-cert.gov/pdf/ICSA-13-053-01.pdf