Rewterz Threat Advisory – CVE-2018-11691 – Emerson DeltaV Distributed Control System Privilege Escalation Vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2019-6822 – Schneider Electric Zelio Soft 2 Remote Code Execution vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2018-11691 – Emerson DeltaV Distributed Control System Privilege Escalation Vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2019-6822 – Schneider Electric Zelio Soft 2 Remote Code Execution vulnerability
July 10, 2019Severity
Medium
Analysis Summary
A remote, unauthenticated threat actor with access to an affected PanelView 5510 Graphic Display, upon successful exploit, may boot-up the terminal and gain root-level access to the device’s file system.
Impact
Privilege escalation
Affected Vendors
Rockwell Automation
Affected Products
PanelView 5510
Remediation
Rockwell Automation reports users using PanelView 5510 with manufacturing dates prior to March 13, 2019, are encouraged to update to an available revision that addresses the associated risk.
For PanelView 5510 using v4, apply v4.003 or later and for PanelView 5510 using v5, apply v5.002 or later.
Updates are available at:
https://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?Keyword=5510&crumb=112