Emerson has a patch available to mitigate a use-of-hard-coded-credentials vulnerability in its DeltaV Distributed Control System (DCS), according to a report from NCCIC.
Successful exploitation of this vulnerability, discovered by Benjamin Crosasso of Sanofi, could allow an attacker to gain administrative access to DeltaV Smart Switches.
The following versions of DeltaV DCS, a software management platform, include the vulnerable Smart Switch Command Center:
The Smart Switch Command Center does not change the DeltaV Smart Switch management account password upon commissioning as expected, leaving the default password in effect indefinitely.
CVE-2018-11691 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.1.
The product is used worldwide in the chemical, critical manufacturing, and energy sectors.
No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. However, an attacker with low skill level could leverage the vulnerability.
Emerson recommends users patch affected products. Details are available within article DSN19003 (KBA# NK-1900-0808). Software patches and DSN19003 are available to users with access to the Emerson Guardian Support Portal, login required.
To limit exposure to this and other vulnerabilities, Emerson recommends that DeltaV systems and related components be deployed and configured as described in the DeltaV security manual, which can be found in Emerson’s Guardian Support Portal.