Vulnerabilities > Emerson > Deltav
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-44463 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started. | 7.3 |
| 2019-01-25 | CVE-2018-19021 | Improper Restriction of Excessive Authentication Attempts vulnerability in Emerson Deltav A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. | 6.5 |
| 2018-08-23 | CVE-2018-14797 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution. | 7.8 |
| 2018-08-23 | CVE-2018-14791 | Improper Privilege Management vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. | 7.8 |
| 2018-08-21 | CVE-2018-14795 | Path Traversal vulnerability in Emerson Deltav DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files. | 8.8 |
| 2018-08-21 | CVE-2018-14793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Emerson Deltav DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution. | 8.8 |
| 2017-02-13 | CVE-2016-9345 | Permissions, Privileges, and Access Controls vulnerability in Emerson Deltav 12.3/12.3.1/13.3 An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. | 6.8 |