Vulnerabilities > Emerson > Deltav > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-44463 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started. | 7.3 |
| 2018-08-23 | CVE-2018-14797 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution. | 7.8 |
| 2018-08-23 | CVE-2018-14791 | Improper Privilege Management vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. | 7.8 |
| 2018-08-21 | CVE-2018-14795 | Path Traversal vulnerability in Emerson Deltav DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files. | 8.8 |
| 2018-08-21 | CVE-2018-14793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Emerson Deltav DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution. | 8.8 |