Emerson DeltaV DCS Workstations Relative Path Traversal (CVE-2018-14795)

high Tenable OT Security Plugin ID 500438

Synopsis

The remote OT asset is affected by a vulnerability.

Description

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Emerson recommends users patch the affected products listed below:

- DeltaV DCS Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5: Apply patch from vendor.

Software patches are available to users with access to the Guardian Support Portal at https://guardian.emersonprocess.com/. Please refer to the Knowledge Base Article AK-1800- 0042 (DSN18003) for more information.

Vulnerabilities CVE-2018-14797, CVE-2018-14795, and CVE-2018-14791 cannot be exploited if application whitelisting is implemented since it would prevent files from being overwritten.

To limit exposure to these and other vulnerabilities, Emerson recommends deploying and configuring DeltaV systems and related components as described in the DeltaV Security Manual, which is available in Emerson’s Guardian Support Portal.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01

http://www.securityfocus.com/bid/105105

Plugin Details

Severity: High

ID: 500438

Version: 1.9

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2018-14795

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:emerson:deltav:12.3.1, cpe:/a:emerson:deltav:13.3.1, cpe:/a:emerson:deltav:r5, cpe:/a:emerson:deltav:11.3.1, cpe:/a:emerson:deltav:13.3.0

Required KB Items: Tenable.ot/Emerson

Exploit Ease: No known exploits are available

Patch Publication Date: 8/21/2018

Vulnerability Publication Date: 8/21/2018

Reference Information

CVE: CVE-2018-14795

CWE: 22