CVE-2022-29965

Summary

CVE	CVE-2022-29965
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-07-26 22:15:00 UTC
Updated	2023-01-24 16:06:00 UTC
Description	The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.

Risk And Classification

Problem Types: CWE-327

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Emerson	Deltav Distributed Control System	All	All	All	All
Hardware	Emerson	Deltav Distributed Control System Sq Controller	-	All	All	All
Operating System	Emerson	Deltav Distributed Control System Sq Controller Firmware	All	All	All	All
Hardware	Emerson	Deltav Distributed Control System Sx Controller	-	All	All	All
Operating System	Emerson	Deltav Distributed Control System Sx Controller Firmware	All	All	All	All
Hardware	Emerson	Se4002s1t2b6 High Side 40-pin Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4002s1t2b6 High Side 40-pin Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4003s2b4 16-pin Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4003s2b4 16-pin Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4003s2b524-pin Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4003s2b524-pin Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4017p0 H1 I/o Interface Card And Terminl Block	-	All	All	All
Operating System	Emerson	Se4017p0 H1 I/o Interface Card And Terminl Block Firmware	All	All	All	All
Hardware	Emerson	Se4017p1 H1 I/o Card With Integrated Power	-	All	All	All
Operating System	Emerson	Se4017p1 H1 I/o Card With Integrated Power Firmware	All	All	All	All
Hardware	Emerson	Se4019p0 Simplex H1 4-port Plus Fieldbus I/o Interface With Terminalblock	-	All	All	All
Operating System	Emerson	Se4019p0 Simplex H1 4-port Plus Fieldbus I/o Interface With Terminalblock Firmware	All	All	All	All
Hardware	Emerson	Se4026 Virtual I/o Module 2	-	All	All	All
Operating System	Emerson	Se4026 Virtual I/o Module 2 Firmware	All	All	All	All
Hardware	Emerson	Se4027 Virtual I/o Module 2	-	All	All	All
Operating System	Emerson	Se4027 Virtual I/o Module 2 Firmware	All	All	All	All
Hardware	Emerson	Se4032s1t2b8 High Side 40-pin Do Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4032s1t2b8 High Side 40-pin Do Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4037p0 H1 I/o Interface Card And Terminl Block	-	All	All	All
Operating System	Emerson	Se4037p0 H1 I/o Interface Card And Terminl Block Firmware	All	All	All	All
Hardware	Emerson	Se4037p1 Redundant H1 I/o Card With Integrated Power And Terminal Block	-	All	All	All
Operating System	Emerson	Se4037p1 Redundant H1 I/o Card With Integrated Power And Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4039p0 Redundant H1 4-port Plus Fieldbus I/o Interface With Terminalblock	-	All	All	All
Operating System	Emerson	Se4039p0 Redundant H1 4-port Plus Fieldbus I/o Interface With Terminalblock Firmware	All	All	All	All
Hardware	Emerson	Se4052s1t2b6 High Side 40-pin Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4052s1t2b6 High Side 40-pin Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4082s1t2b8 High Side 40-pin Do Mass I/o Terminal Block	-	All	All	All
Operating System	Emerson	Se4082s1t2b8 High Side 40-pin Do Mass I/o Terminal Block Firmware	All	All	All	All
Hardware	Emerson	Se4100 Simplex Ethernet I/o Card Eioc Assembly	-	All	All	All
Operating System	Emerson	Se4100 Simplex Ethernet I/o Card Eioc Assembly Firmware	All	All	All	All
Hardware	Emerson	Se4101 Simplex Ethernet I/o Card Eioc Assembly	-	All	All	All
Operating System	Emerson	Se4101 Simplex Ethernet I/o Card Eioc Assembly Firmware	All	All	All	All
Hardware	Emerson	Se4801t0x Redundant Wireless I/o Card	-	All	All	All
Operating System	Emerson	Se4801t0x Redundant Wireless I/o Card Firmware	All	All	All	All
Hardware	Emerson	Ve4103 Modbus Tcp Interface For Ethernet Connected I/o Eioc	-	All	All	All
Operating System	Emerson	Ve4103 Modbus Tcp Interface For Ethernet Connected I/o Eioc Firmware	All	All	All	All
Hardware	Emerson	Ve4104 Ethernet/ip Control Tag Integration For Ethernet Connected I/o Eioc	-	All	All	All
Operating System	Emerson	Ve4104 Ethernet/ip Control Tag Integration For Ethernet Connected I/o Eioc Firmware	All	All	All	All
Hardware	Emerson	Ve4105 Ethernet/ip Interface For Ethernet Connected I/o Eioc	-	All	All	All
Operating System	Emerson	Ve4105 Ethernet/ip Interface For Ethernet Connected I/o Eioc Firmware	All	All	All	All
Hardware	Emerson	Ve4106 Opc-ua Client For Ethernet Connected I/o Eioc	-	All	All	All
Operating System	Emerson	Ve4106 Opc-ua Client For Ethernet Connected I/o Eioc Firmware	All	All	All	All
Hardware	Emerson	Ve4107 Iec 61850 Mms Interface For Ethernet Connected I/o Eioc	-	All	All	All
Operating System	Emerson	Ve4107 Iec 61850 Mms Interface For Ethernet Connected I/o Eioc Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Emerson DeltaV Distributed Control System \| CISA	MISC	www.cisa.gov
Blog - Forescout	MISC	www.forescout.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

591249 Emerson DeltaV Distributed Control System Multiple Vulnerabilities (ICSA-22-181-03)