CVE-2014-2350

CVE-2014-2350: Emerson DeltaV Use of Hard-coded Credentials

Vendor Emerson
Product DeltaV
Weakness CWE-798 · Hardcoded credentials
Published May 22, 2014
Last update October 31, 2025

CVSS base score

What the vulnerability does

01Description

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

Key dates

02Disclosure timeline

May 22, 2014 CVE published
October 31, 2025 Record updated