CVE-2018-14797

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
emersondeltav
11.3.1
emersondeltav
12.3.1
emersondeltav
13.3.0
emersondeltav
13.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/105105
https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01
http://www.securityfocus.com/bid/105105
https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01