- Description
- Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emerson:deltav:13.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01456184-6B25-4029-82D4-F5BF16180D7D"
},
{
"criteria": "cpe:2.3:a:emerson:deltav:14:feature_pack1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2061D08-4DF5-473E-A68A-C1E6DD1EEA37"
},
{
"criteria": "cpe:2.3:a:emerson:deltav:14:feature_pack2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06B9E5CA-A790-4298-AA75-A10D62ECCD57"
},
{
"criteria": "cpe:2.3:a:emerson:deltav:14.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C96A8836-877A-4796-9A28-E7D9AB412024"
},
{
"criteria": "cpe:2.3:a:emerson:deltav:r6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "713DC40C-D9B9-43AA-9907-150467EAE43F"
}
],
"operator": "OR"
}
]
}
]