DeltaV Products Multiple Vulnerabilities
DeltaV and DeltaV Workstations versions 9.3.1, 10.3.1, 11.3, and 11.3.1
DeltaV ProEssentials Scientific Graph version 220.127.116.11
Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
3) An error within PORTSERV.exe can be exploited to cause a crash via a specially crafted packet sent to TCP or UDP port 111.
4) An error within the processing of certain fields in project files can be exploited to cause a buffer overflow via a specially crafted project file.
5) An insecure method within an ActiveX control can be exploited to overwrite arbitrary files.
Successful exploitation of vulnerabilities #4 and #5 may allow execution of arbitrary code.
The vendor has issued a hotfix (please contact the vendor for more information).