Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Emerson Subscribe
Total 85 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14797 1 Emerson 1 Deltav 2024-11-21 6.8 MEDIUM 7.8 HIGH
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution.
CVE-2018-14795 1 Emerson 1 Deltav 2024-11-21 6.5 MEDIUM 8.8 HIGH
DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files.
CVE-2018-14793 1 Emerson 1 Deltav 2024-11-21 5.8 MEDIUM 8.8 HIGH
DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution.
CVE-2018-14791 1 Emerson 1 Deltav 2024-11-21 4.6 MEDIUM 7.8 HIGH
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products.
CVE-2018-11691 1 Emerson 2 Ve6046, Ve6046 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Emerson DeltaV Smart Switch Command Center application, available in versions 11.3.x and 12.3.1, was unable to change the DeltaV Smart Switches’ management password upon commissioning. Emerson released patches for DeltaV workstations to address this issue, and the patches can be downloaded from Emerson’s Guardian Support Portal. Please refer to the DeltaV Security Notification DSN19003 (KBA NK-1900-0808) for more information about this issue. DeltaV versions 13.3 and higher use the Network Device Command Center application to manage DeltaV Smart Switches, and this newer application is not impacted by this issue. After patching the Smart Switch Command Center, users are required to either commission the DeltaV Smart Switches or change password using the tool.