{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-30260", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2022-12-26T00:00:00", "dateReserved": "2022-05-04T00:00:00", "datePublished": "2022-12-26T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2022-12-26T00:00:00"}, "descriptions": [{"lang": "en", "value": "Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.forescout.com/blog/"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-181-03"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:deltav_distributed_control_system_sq_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8A44F6D-CBF3-4842-8853-308E0B7A713E", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:deltav_distributed_control_system_sq_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "D565B21C-60BB-404B-BE80-62528DE1F15D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:deltav_distributed_control_system_sx_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A4FA19C-A9EB-45BA-898D-CFFC0ABD5304", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:deltav_distributed_control_system_sx_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "2249F041-9F01-4DA8-9A58-AF71B927BE04", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4002s1t2b6_high_side_40-pin_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F6CED76-6501-4C82-8386-F63BFCA6F2D9", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4002s1t2b6_high_side_40-pin_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BF9A47C-1284-4CCA-80B4-E4A07A33D822", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4003s2b4_16-pin_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFB8AFAF-C990-4F88-904C-E16C13FACA50", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4003s2b4_16-pin_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8CEF8B0-8198-42D8-B0DF-E113014CAF99", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4003s2b524-pin_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "745CD811-4416-417D-8691-6A4BBA8A5BBF", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4003s2b524-pin_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA97F935-4B3B-404C-9716-00DC1E823B39", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4017p0_h1_i\\/o_interface_card_and_terminl_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9778B199-D31A-4804-B30D-3AD0EF4F12C1", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4017p0_h1_i\\/o_interface_card_and_terminl_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "96746FF1-06B3-44B2-8170-F644886E3B56", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4017p1_h1_i\\/o_card_with_integrated_power_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C9D68BC-996F-4372-B040-54AF10881A95", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4017p1_h1_i\\/o_card_with_integrated_power:-:*:*:*:*:*:*:*", "matchCriteriaId": "60F172D4-3624-4718-89B3-3F3B33CEAE60", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4019p0_simplex_h1_4-port_plus_fieldbus_i\\/o_interface_with_terminalblock_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2768EDDE-8DA8-4808-AF6A-9318DDD8D42E", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4019p0_simplex_h1_4-port_plus_fieldbus_i\\/o_interface_with_terminalblock:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C2E234B-03F1-4C16-AFDA-1C76B3DEFF0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4026_virtual_i\\/o_module_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC9DB4FE-2A3C-4DB8-A108-B84A9D0978B3", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4026_virtual_i\\/o_module_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A51BF73-33F0-44EF-A412-EF0CDF966222", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4027_virtual_i\\/o_module_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "964C1049-DB6B-4E82-969A-BFDAF41C5D36", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4027_virtual_i\\/o_module_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B041C40E-5510-43F7-836A-48C3643BDE35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4032s1t2b8_high_side_40-pin_do_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D085A36-6E85-479F-9BA8-7082A5568B9E", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4032s1t2b8_high_side_40-pin_do_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "28CF78B7-6921-42D2-AB02-E53D95245898", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4037p0_h1_i\\/o_interface_card_and_terminl_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE313BF7-B497-4C8F-BF0C-7AEA6D10C44E", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4037p0_h1_i\\/o_interface_card_and_terminl_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "7324E231-7244-404A-BBCD-BE04495B4A31", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4037p1_redundant_h1_i\\/o_card_with_integrated_power_and_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4876CD8-BF87-4A27-A85A-C68041E81C89", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4037p1_redundant_h1_i\\/o_card_with_integrated_power_and_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C372C3-8BD0-4CC9-8753-DB8ED834BAF4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4039p0_redundant_h1_4-port_plus_fieldbus_i\\/o_interface_with_terminalblock_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FC8E954-4996-4BAF-BB2E-0E581EFCA307", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4039p0_redundant_h1_4-port_plus_fieldbus_i\\/o_interface_with_terminalblock:-:*:*:*:*:*:*:*", "matchCriteriaId": "25502581-C234-405E-B0A2-803FCCF9CB98", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4052s1t2b6_high_side_40-pin_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "70828150-6345-4FFC-9FB8-1BEDDB0EBF06", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4052s1t2b6_high_side_40-pin_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "3553747E-ACB7-4B0B-B72F-E309FB8C14CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4082s1t2b8_high_side_40-pin_do_mass_i\\/o_terminal_block_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBA85F21-16F7-4C62-9586-8609B9A276CA", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4082s1t2b8_high_side_40-pin_do_mass_i\\/o_terminal_block:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBC1799C-5C6D-41DE-A05F-A0C376F4DF25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4100_simplex_ethernet_i\\/o_card_\\(eioc\\)_assembly_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CE4E7BC-7D75-4ED2-8629-F54B770DA012", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4100_simplex_ethernet_i\\/o_card_\\(eioc\\)_assembly:-:*:*:*:*:*:*:*", "matchCriteriaId": "A509A93B-9822-4029-88D4-1CA26AA26CA2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4101_simplex_ethernet_i\\/o_card_\\(eioc\\)_assembly_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBD2799B-B7BB-42FE-A217-169DA61E5253", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4101_simplex_ethernet_i\\/o_card_\\(eioc\\)_assembly:-:*:*:*:*:*:*:*", "matchCriteriaId": "119231C0-A3A7-4745-AA58-E3E0FFDF19AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:se4801t0x_redundant_wireless_i\\/o_card_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F1A37AA-6B89-478B-884F-FD4335920D2E", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:se4801t0x_redundant_wireless_i\\/o_card:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F515BD5-A516-4EF6-83BD-1D4FB13554A6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:ve4103_modbus_tcp_interface_for_ethernet_connected_i\\/o_\\(eioc\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DB7F861-0F11-45C0-9BC4-608B32AEF4AF", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:ve4103_modbus_tcp_interface_for_ethernet_connected_i\\/o_\\(eioc\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "E124883C-AE12-4293-9755-E6E2D8FA14C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:ve4104_ethernet\\/ip_control_tag_integration_for_ethernet_connected_i\\/o_\\(eioc\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE5F82C4-E21C-4533-8F0B-C5256AEC702D", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:ve4104_ethernet\\/ip_control_tag_integration_for_ethernet_connected_i\\/o_\\(eioc\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "74CAD82E-735A-4035-8B3E-48493F2571E0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:ve4105_ethernet\\/ip_interface_for_ethernet_connected_i\\/o_\\(eioc\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "468AB759-3024-44A3-8824-C4A67237A6DC", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:ve4105_ethernet\\/ip_interface_for_ethernet_connected_i\\/o_\\(eioc\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "7855329F-F2CB-43B9-9EF9-E09B420E7D9D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:ve4106_opc-ua_client_for_ethernet_connected_i\\/o_\\(eioc\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB54492B-73E5-4F92-B0E6-560DC8B942B2", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:ve4106_opc-ua_client_for_ethernet_connected_i\\/o_\\(eioc\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "9BB62397-6E64-4D08-8A0F-00D007938D5B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:emerson:ve4107_iec_61850_mms_interface_for_ethernet_connected_i\\/o_\\(eioc\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4248830A-583E-4E66-B763-9E58A60BDE1C", "versionEndExcluding": "14.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:emerson:ve4107_iec_61850_mms_interface_for_ethernet_connected_i\\/o_\\(eioc\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "59A77957-F875-4616-812F-F37A68622922", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards."}, {"lang": "es", "value": "Emerson DeltaV Distributed Control System (DCS) tiene una verificaci\u00f3n insuficiente de la integridad del firmware (un m\u00e9todo de suma de verificaci\u00f3n inadecuado y sin firma). Esto afecta a las versiones anteriores a la 14.3 de las tarjetas DeltaV serie M, DeltaV serie S, DeltaV serie P, DeltaV SIS y DeltaV CIOC/EIOC/WIOC IO."}], "id": "CVE-2022-30260", "lastModified": "2024-02-15T03:19:09.067", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-26T06:15:10.947", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-181-03"}, {"source": "cve@mitre.org", "tags": ["Not Applicable", "Third Party Advisory"], "url": "https://www.forescout.com/blog/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}