CVE-2016-9347
low-risk
Published 2017-02-13
An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. DeltaV Wireless I/O Cards (WIOC) running the firmware available in the DeltaV system, release v13.3, have the SSH (Secure Shell) functionality enabled unnecessarily.
Do I need to act?
-
0.12% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.0/10
Medium
ADJACENT_NETWORK
/ HIGH complexity
Affected Products (2)
Se4801T0X Redundant Wireless I\/O Card Firmware
Se4801T1X Simplex Wireless I\/O Card Firmware
Affected Vendors
References (4)
Third Party Advisory
http://www.securityfocus.com/bid/94586
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-16-334-03
Third Party Advisory
http://www.securityfocus.com/bid/94586
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-16-334-03
21
/ 100
low-risk
Severity
13/34 · Low
Exploitability
1/34 · Minimal
Exposure
7/34 · Low