CVE-2014-2350 (GCVE-0-2014-2350)

Vulnerability from cvelistv5 – Published: 2014-05-22 20:00 – Updated: 2025-10-31 22:55
VLAI?
Summary
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Emerson DeltaV Affected: 10.3.1
Affected: 11.3
Affected: 11.3.1
Affected: 12.3
Create a notification for this product.
Credits
Kirill Nesterov, Alexander Tlyapov, Dmitry Nagibin, Alexey Osipov, and Timur Yunusov of Positive Technologies
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:14:25.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeltaV",
          "vendor": "Emerson",
          "versions": [
            {
              "status": "affected",
              "version": "10.3.1"
            },
            {
              "status": "affected",
              "version": "11.3"
            },
            {
              "status": "affected",
              "version": "11.3.1"
            },
            {
              "status": "affected",
              "version": "12.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kirill Nesterov, Alexander Tlyapov, Dmitry Nagibin, Alexey Osipov, and Timur Yunusov of Positive Technologies"
        }
      ],
      "datePublic": "2014-05-22T06:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\n\nEmerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.\n\n\u003c/p\u003e"
            }
          ],
          "value": "Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program."
        }
      ],
      "metrics": [
        {
          "cvssV2_0": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:H/Au:S/C:N/I:P/A:P",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-31T22:55:07.498Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-133-02"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Emerson has created a patch to mitigate these vulnerabilities. Emerson \nhas distributed a notification (KBA NK-1400-0031) that provides details \nof the vulnerabilities, recommended mitigations, and instructions on \nobtaining and installing the patch. This document is available on \nEmerson\u2019s support site to users who have support contracts with Emerson.\n If you do not have access to this site and need to apply the patch, \nplease contact customer service at 1\u2011800\u2011833\u20118314.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Emerson has created a patch to mitigate these vulnerabilities. Emerson \nhas distributed a notification (KBA NK-1400-0031) that provides details \nof the vulnerabilities, recommended mitigations, and instructions on \nobtaining and installing the patch. This document is available on \nEmerson\u2019s support site to users who have support contracts with Emerson.\n If you do not have access to this site and need to apply the patch, \nplease contact customer service at 1\u2011800\u2011833\u20118314."
        }
      ],
      "source": {
        "advisory": "ICSA-14-133-02",
        "discovery": "UNKNOWN"
      },
      "title": "Emerson DeltaV Use of Hard-coded Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-2349",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-2350",
    "datePublished": "2014-05-22T20:00:00",
    "dateReserved": "2014-03-13T00:00:00",
    "dateUpdated": "2025-10-31T22:55:07.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emerson:deltav:10.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E005DD9A-07FB-4DE2-810B-372E62A091B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emerson:deltav:11.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0123046-D89E-4FBB-9176-C04E0C65E9AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emerson:deltav:11.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"943B3480-56C4-4131-BE8F-62FE035D4619\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emerson:deltav:12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DA838B9-D68D-46FE-88A8-C0D1C3AC407C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.\"}, {\"lang\": \"es\", \"value\": \"Emerson DeltaV 10.3.1, 11.3, 11.3.1 y 12.3 utiliza credenciales embebidas para servicios diagn\\u00f3sticos, lo que permite a atacantes remotos evadir restricciones de acceso a trav\\u00e9s de una sesi\\u00f3n TCP, tal y como fue demostrado por una sesi\\u00f3n que utiliza el programa telnet.\"}]",
      "id": "CVE-2014-2350",
      "lastModified": "2024-11-21T02:06:07.837",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-05-22T20:55:06.440",
      "references": "[{\"url\": \"http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-255\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2350\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2014-05-22T20:55:06.440\",\"lastModified\":\"2025-10-31T23:15:32.127\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.\"},{\"lang\":\"es\",\"value\":\"Emerson DeltaV 10.3.1, 11.3, 11.3.1 y 12.3 utiliza credenciales embebidas para servicios diagn\u00f3sticos, lo que permite a atacantes remotos evadir restricciones de acceso a trav\u00e9s de una sesi\u00f3n TCP, tal y como fue demostrado por una sesi\u00f3n que utiliza el programa telnet.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:S/C:N/I:P/A:P\",\"baseScore\":2.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.5,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emerson:deltav:10.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E005DD9A-07FB-4DE2-810B-372E62A091B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emerson:deltav:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0123046-D89E-4FBB-9176-C04E0C65E9AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emerson:deltav:11.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"943B3480-56C4-4131-BE8F-62FE035D4619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emerson:deltav:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DA838B9-D68D-46FE-88A8-C0D1C3AC407C\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-14-133-02\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.