Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-9191 (GCVE-0-2014-9191)
Vulnerability from cvelistv5
Published
2015-01-10 02:00
Modified
2024-08-06 13:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"name": "71952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71952"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"name": "71952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71952"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"name": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf",
"refsource": "CONFIRM",
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"name": "71952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71952"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-9191",
"datePublished": "2015-01-10T02:00:00",
"dateReserved": "2014-12-02T00:00:00",
"dateUpdated": "2024-08-06T13:40:24.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-9191\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2015-01-10T02:59:34.693\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.\"},{\"lang\":\"es\",\"value\":\"La librar\u00eda CodeWrights HART Device Type Manager (DTM) en Emerson HART DTM anterior a 1.4.181 permite a atacantes f\u00edsicamente pr\u00f3ximos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de DTM y cuelgue de la aplicaci\u00f3n FDT Frame) mediante la transmisi\u00f3n de paquetes de respuesta manipulados en el bucle actual 4-20 mA.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codewrights:hart_device_type_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.44\",\"matchCriteriaId\":\"D101AC37-B7B4-47C7-97A0-ADF480768B00\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/71952\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://www.securityfocus.com/bid/71952\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
ghsa-w86j-cccq-xf7q
Vulnerability from github
Published
2022-05-17 03:22
Modified
2022-05-17 03:22
VLAI Severity ?
Details
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.
{
"affected": [],
"aliases": [
"CVE-2014-9191"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-01-10T02:59:00Z",
"severity": "LOW"
},
"details": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"id": "GHSA-w86j-cccq-xf7q",
"modified": "2022-05-17T03:22:39Z",
"published": "2022-05-17T03:22:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9191"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/71952"
},
{
"type": "WEB",
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
gsd-2014-9191
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-9191",
"description": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"id": "GSD-2014-9191"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-9191"
],
"details": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"id": "GSD-2014-9191",
"modified": "2023-12-13T01:22:48.060809Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"name": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf",
"refsource": "CONFIRM",
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"name": "71952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71952"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:codewrights:hart_device_type_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.44",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9191"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"name": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"name": "71952",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/71952"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01",
"refsource": "MISC",
"tags": [],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2016-12-08T03:06Z",
"publishedDate": "2015-01-10T02:59Z"
}
}
}
icsa-15-012-01
Vulnerability from csaf_cisa
Published
2015-10-15 06:00
Modified
2025-06-06 22:31
Summary
CodeWrights GmbH HART DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-012-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-012-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "CodeWrights GmbH HART DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:31:46.333944Z",
"generator": {
"date": "2025-06-06T22:31:46.333913Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-012-01",
"initial_release_date": "2015-10-15T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-15T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:31:46.333944Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.5.151",
"product": {
"name": "Codewrights DTMStudio: \u003c1.5.151",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "DTMStudio"
}
],
"category": "vendor",
"name": "Codewrights"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "CodeWrights GmbH has developed an updated library to address this vulnerability. These libraries are being provided to its customers (vendors) with current support agreements.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
icsa-15-008-01a
Vulnerability from csaf_cisa
Published
2015-10-11 06:00
Modified
2025-06-06 22:53
Summary
Emerson HART DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-008-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-008-01a.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-008-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-008-01a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Emerson HART DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:53:36.666065Z",
"generator": {
"date": "2025-06-06T22:53:36.666005Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-008-01A",
"initial_release_date": "2015-10-11T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-11T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:53:36.666065Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Rev._2.01",
"product": {
"name": "Emerson Process Management Fisher Controls DVC6000 Digital Valve Controller: Rev._2.01",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Fisher Controls DVC6000 Digital Valve Controller"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1.01",
"product": {
"name": "Emerson Process Management Fisher Controls International DVC2000 Digital Valve Controller: Rev._1.01",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Fisher Controls International DVC2000 Digital Valve Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Micro Motion 1500: 5|6",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Micro Motion 1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Micro Motion 1700 Analog: 5|6",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Micro Motion 1700 Analog"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._6",
"product": {
"name": "Emerson Process Management Micro Motion 1700 IS: Rev._6",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Micro Motion 1700 IS"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._5",
"product": {
"name": "Emerson Process Management Micro Motion 1700: Rev._5",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Micro Motion 1700"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._5",
"product": {
"name": "Emerson Process Management Micro Motion 1700IS: Rev._5",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Micro Motion 1700IS"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._5",
"product": {
"name": "Emerson Process Management Micro Motion 2000 Config I/O: Rev._5",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Micro Motion 2000 Config I/O"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Micro Motion 2200S: Rev._1",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "Micro Motion 2200S"
},
{
"branches": [
{
"category": "product_version_range",
"name": "2|3|4",
"product": {
"name": "Emerson Process Management Micro Motion 2400S Analog: 2|3|4",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "Micro Motion 2400S Analog"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Micro Motion 2500/2700 Config I/O: 5|6",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "Micro Motion 2500/2700 Config I/O"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Micro Motion 2700 Analog: 5|6",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "Micro Motion 2700 Analog"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Micro Motion 2700 IS: 5|6",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "Micro Motion 2700 IS"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._4",
"product": {
"name": "Emerson Process Management Micro Motion RFT9739: Rev._4",
"product_id": "CSAFPID-0014"
}
}
],
"category": "product_name",
"name": "Micro Motion RFT9739"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._7",
"product": {
"name": "Emerson Process Management Micro Motion Series 3000: Rev._7",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "Micro Motion Series 3000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "5|6",
"product": {
"name": "Emerson Process Management Rosemount 1151 Pressure Transmitter: 5|6",
"product_id": "CSAFPID-0016"
}
}
],
"category": "product_name",
"name": "Rosemount 1151 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3|9|10",
"product": {
"name": "Emerson Process Management Rosemount 2051 Pressure Transmitter: 3|9|10",
"product_id": "CSAFPID-0017"
}
}
],
"category": "product_name",
"name": "Rosemount 2051 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3|9|10",
"product": {
"name": "Emerson Process Management Rosemount 2088 Pressure Transmitter: 3|9|10",
"product_id": "CSAFPID-0018"
}
}
],
"category": "product_name",
"name": "Rosemount 2088 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount 2090 Pressure Transmitter: Rev._3",
"product_id": "CSAFPID-0019"
}
}
],
"category": "product_name",
"name": "Rosemount 2090 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount 248 Temperature Transmitter: Rev._2",
"product_id": "CSAFPID-0020"
}
}
],
"category": "product_name",
"name": "Rosemount 248 Temperature Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3|7|9|10",
"product": {
"name": "Emerson Process Management Rosemount 3051 Pressure Transmitter: 3|7|9|10",
"product_id": "CSAFPID-0021"
}
}
],
"category": "product_name",
"name": "Rosemount 3051 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "2|3",
"product": {
"name": "Emerson Process Management Rosemount 3051S Advanced Diagnostics: 2|3",
"product_id": "CSAFPID-0022"
}
}
],
"category": "product_name",
"name": "Rosemount 3051S Advanced Diagnostics"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 3051S Electronic Remote Sensors: Rev._1",
"product_id": "CSAFPID-0023"
}
}
],
"category": "product_name",
"name": "Rosemount 3051S Electronic Remote Sensors"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._7",
"product": {
"name": "Emerson Process Management Rosemount 3051S Pressure Transmitter: Rev._7",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "Rosemount 3051S Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 3051SMV Direct Process Variable: Rev._1",
"product_id": "CSAFPID-0025"
}
}
],
"category": "product_name",
"name": "Rosemount 3051SMV Direct Process Variable"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 3051SMV MultiVariable Mass Energy Flow: Rev._1",
"product_id": "CSAFPID-0026"
}
}
],
"category": "product_name",
"name": "Rosemount 3051SMV MultiVariable Mass Energy Flow"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount 3095M MultiVariable Mass Flow: Rev._2",
"product_id": "CSAFPID-0027"
}
}
],
"category": "product_name",
"name": "Rosemount 3095M MultiVariable Mass Flow"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._5",
"product": {
"name": "Emerson Process Management Rosemount 3100 Ultrasonic Level Transmitter: Rev._5",
"product_id": "CSAFPID-0028"
}
}
],
"category": "product_name",
"name": "Rosemount 3100 Ultrasonic Level Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3|4|5|6",
"product": {
"name": "Emerson Process Management Rosemount 3144P Temperature Transmitter: 3|4|5|6",
"product_id": "CSAFPID-0029"
}
}
],
"category": "product_name",
"name": "Rosemount 3144P Temperature Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount 3300 Radar Level and Interface Transmitter: Rev._3",
"product_id": "CSAFPID-0030"
}
}
],
"category": "product_name",
"name": "Rosemount 3300 Radar Level and Interface Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 333 Triloop: Rev._1",
"product_id": "CSAFPID-0031"
}
}
],
"category": "product_name",
"name": "Rosemount 333 Triloop"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._7",
"product": {
"name": "Emerson Process Management Rosemount 4500 Pressure Transmitter: Rev._7",
"product_id": "CSAFPID-0032"
}
}
],
"category": "product_name",
"name": "Rosemount 4500 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 4600 Pressure Transmitter: Rev._1",
"product_id": "CSAFPID-0033"
}
}
],
"category": "product_name",
"name": "Rosemount 4600 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1|2|3",
"product": {
"name": "Emerson Process Management Rosemount 5300 Radar Level and Interface Transmitter: 1|2|3",
"product_id": "CSAFPID-0034"
}
}
],
"category": "product_name",
"name": "Rosemount 5300 Radar Level and Interface Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1|2",
"product": {
"name": "Emerson Process Management Rosemount 5400 Radar Level Transmitter: 1|2",
"product_id": "CSAFPID-0035"
}
}
],
"category": "product_name",
"name": "Rosemount 5400 Radar Level Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "6|7|8|9",
"product": {
"name": "Emerson Process Management Rosemount 644 Temperature Transmitter: 6|7|8|9",
"product_id": "CSAFPID-0036"
}
}
],
"category": "product_name",
"name": "Rosemount 644 Temperature Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 8712D Magnetic Flowmeter: Rev._1",
"product_id": "CSAFPID-0037"
}
}
],
"category": "product_name",
"name": "Rosemount 8712D Magnetic Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount 8712E Magnetic Flowmeter: Rev._3",
"product_id": "CSAFPID-0038"
}
}
],
"category": "product_name",
"name": "Rosemount 8712E Magnetic Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount 8712H Magnetic Flowmeter: Rev._1",
"product_id": "CSAFPID-0039"
}
}
],
"category": "product_name",
"name": "Rosemount 8712H Magnetic Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._7",
"product": {
"name": "Emerson Process Management Rosemount 8732C Magnetic Flowmeter: Rev._7",
"product_id": "CSAFPID-0040"
}
}
],
"category": "product_name",
"name": "Rosemount 8732C Magnetic Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount 8732E Magnetic Flowmeter: Rev._2",
"product_id": "CSAFPID-0041"
}
}
],
"category": "product_name",
"name": "Rosemount 8732E Magnetic Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount 8800C Vortex Flowmeter: Rev._3",
"product_id": "CSAFPID-0042"
}
}
],
"category": "product_name",
"name": "Rosemount 8800C Vortex Flowmeter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1|2",
"product": {
"name": "Emerson Process Management Rosemount 8800D Vortex Flowmeter: 1|2",
"product_id": "CSAFPID-0043"
}
}
],
"category": "product_name",
"name": "Rosemount 8800D Vortex Flowmeter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1|2",
"product": {
"name": "Emerson Process Management Rosemount Analytical 1056: 1|2",
"product_id": "CSAFPID-0044"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 1056"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount Analytical 5081A: Rev._2",
"product_id": "CSAFPID-0045"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 5081A"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount Analytical 5081CT: Rev._1",
"product_id": "CSAFPID-0046"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 5081CT"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount Analytical 5081p: Rev._2",
"product_id": "CSAFPID-0047"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 5081p"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount Analytical 54eA: Rev._2",
"product_id": "CSAFPID-0048"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 54eA"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount Analytical 54eC: Rev._1",
"product_id": "CSAFPID-0049"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 54eC"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Emerson Process Management Rosemount Analytical 54epH: Rev._2",
"product_id": "CSAFPID-0050"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical 54epH"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount Analytical OCT4000: Rev._3",
"product_id": "CSAFPID-0051"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical OCT4000"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._3",
"product": {
"name": "Emerson Process Management Rosemount Analytical OCX8800: Rev._3",
"product_id": "CSAFPID-0052"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical OCX8800"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount Analytical XmtA: Rev._1",
"product_id": "CSAFPID-0053"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical XmtA"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount Analytical XmtCT: Rev._1",
"product_id": "CSAFPID-0054"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical XmtCT"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Emerson Process Management Rosemount Analytical XmtpH: Rev._1",
"product_id": "CSAFPID-0055"
}
}
],
"category": "product_name",
"name": "Rosemount Analytical XmtpH"
},
{
"branches": [
{
"category": "product_version_range",
"name": "9|10",
"product": {
"name": "Emerson Process Management Rosemount Metran 150 Pressure Transmitter: 9|10",
"product_id": "CSAFPID-0056"
}
}
],
"category": "product_name",
"name": "Rosemount Metran 150 Pressure Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "9|10.",
"product": {
"name": "Emerson Process Management Rosemount Metran 75 Pressure Transmitter: 9|10.",
"product_id": "CSAFPID-0057"
}
}
],
"category": "product_name",
"name": "Rosemount Metran 75 Pressure Transmitter"
}
],
"category": "vendor",
"name": "Emerson Process Management"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Emerson updated the HART DTM for the Rosemount 644 Temperature Transmitter Rev. 8, DTM Version 1.4.181 on November 17, 2014. Installing this DTM will resolve the vulnerability for all the impacted Emerson products listed above. Emerson recommends downloading the updated DTM from its web site: (http://www2.emersonprocess.com/en-US/documentation/deviceinstallkits/Pages/deviceinstallkitsearch.aspx)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057"
],
"url": "http://www2.emersonprocess.com/en-US/documentation/deviceinstallkits/Pages/deviceinstallkitsearch.aspx"
},
{
"category": "mitigation",
"details": "An attacker would require physical access to the HART loop in order to execute this attack. The vulnerability is exploited by connecting a rogue device to the HART loop and sending malformed data to the frame. If the end user has adequate physical protection of the HART loop in place, exploitation is not possible. Field devices and WirelessHART installations are unaffected. Emerson recommends having physical protection of the end users\u2019 entire infrastructure.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057"
]
},
{
"category": "mitigation",
"details": "More details can be found at Emerson\u2019s advisory located: (http://www2.emersonprocess.com/siteadmincenter/PM Central Web Documents/EMR EPM14001-1.pdf)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057"
]
}
]
}
]
}
icsa-15-029-01
Vulnerability from csaf_cisa
Published
2015-11-01 06:00
Modified
2025-06-06 22:33
Summary
Honeywell HART DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-029-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-029-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-029-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-029-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Honeywell HART DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:33:43.213614Z",
"generator": {
"date": "2025-06-06T22:33:43.213462Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-029-01",
"initial_release_date": "2015-11-01T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-11-01T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:33:43.213614Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "1|2",
"product": {
"name": "Honeywell Honeywell STT25T HART 5 Transmitter: 1|2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Honeywell STT25T HART 5 Transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1|3",
"product": {
"name": "Honeywell Honeywell STT25H HART 5 Transmitter: 1|3",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Honeywell STT25H HART 5 Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._2",
"product": {
"name": "Honeywell Honeywell STT25S HART 5 Transmitter: Rev._2",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Honeywell STT25S HART 5 Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Honeywell Honeywell ST 3000 HART 5 Transmitter: Rev._1",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Honeywell ST 3000 HART 5 Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Honeywell Honeywell ST 3000 HART 6 Transmitter: Rev._1",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Honeywell ST 3000 HART 6 Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Honeywell Honeywell ST 3000 H6 Transmitter with Advanced Diagnostics: Rev._1",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Honeywell ST 3000 H6 Transmitter with Advanced Diagnostics"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Honeywell Honeywell ST STT25H HART 5 Transmitter: Rev._1",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Honeywell ST STT25H HART 5 Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev._1",
"product": {
"name": "Honeywell Honeywell ST STT25S HART 6 Transmitter: Rev._1",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Honeywell ST STT25S HART 6 Transmitter"
}
],
"category": "vendor",
"name": "Honeywell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Honeywell has validated and released an update of the DTM software to mitigate this vulnerability. Customers should upgrade their systems using the applicable patch below as soon as possible to minimize the risk of exploitation of this vulnerability. The patch can be downloaded using the following link: https://www.honeywellprocess.com/library/support/Public/Downloads/Honeywell-Enhanced-DTM-Library-HART-V2.4.18.180.zip",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
}
]
}
icsa-15-012-01c
Vulnerability from csaf_cisa
Published
2015-10-15 06:00
Modified
2025-06-06 22:32
Summary
CodeWrights GmbH HART Device DTM Vulnerability (Update C)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01C JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-012-01c.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01C - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-012-01c"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "CodeWrights GmbH HART Device DTM Vulnerability (Update C)",
"tracking": {
"current_release_date": "2025-06-06T22:32:06.053252Z",
"generator": {
"date": "2025-06-06T22:32:06.053141Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-012-01C",
"initial_release_date": "2015-10-15T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-15T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:32:06.053252Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.5.151",
"product": {
"name": "Codewrights DTMStudio: \u003c1.5.151",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "DTMStudio"
}
],
"category": "vendor",
"name": "Codewrights"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "CodeWrights GmbH has developed an updated library to address this vulnerability. These libraries are being provided to its customers (vendors) with current support agreements.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
icsa-15-048-03
Vulnerability from csaf_cisa
Published
2015-11-20 07:00
Modified
2025-06-06 22:35
Summary
Yokogawa HART Device DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-048-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-048-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-048-03 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-048-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Yokogawa HART Device DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:35:00.882056Z",
"generator": {
"date": "2025-06-06T22:35:00.881993Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-048-03",
"initial_release_date": "2015-11-20T07:00:00.000000Z",
"revision_history": [
{
"date": "2015-11-20T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:35:00.882056Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa ADMAG AE Series Magnetic Flowmeters (AE/AE14): Rev.1|Rev.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "ADMAG AE Series Magnetic Flowmeters (AE/AE14)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa ADMAG SE Series Magnetic Flowmeters (SE/SE14): Rev.1|Rev.2",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "ADMAG SE Series Magnetic Flowmeters (SE/SE14)"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa AM11 Magnetic Flowmeter Remote Converter: Rev.1",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "AM11 Magnetic Flowmeter Remote Converter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa AXFA11 Magnetic Flowmeter Remote Converter: Rev.1",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "AXFA11 Magnetic Flowmeter Remote Converter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa ADMAG AXF Series Magnetic Flowmeters (AXF/AXFA14): Rev.1",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "ADMAG AXF Series Magnetic Flowmeters (AXF/AXFA14)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa ADMAG AXR Two-wire Magnetic Flowmeters: Rev.1|Rev.2",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "ADMAG AXR Two-wire Magnetic Flowmeters"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2|Rev.3|Rev.4",
"product": {
"name": "Yokogawa digitalYEWFLO Vortex Flowmeter: Rev.1|Rev.2|Rev.3|Rev.4",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "digitalYEWFLO Vortex Flowmeter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2|Rev.3",
"product": {
"name": "Yokogawa Dpharp EJA /EJA-A Series Pressure Transmitters/Differential PressureTransmitters: Rev.1|Rev.2|Rev.3",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Dpharp EJA /EJA-A Series Pressure Transmitters/Differential PressureTransmitters"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2|Rev.3",
"product": {
"name": "Yokogawa Dpharp EJX Series Pressure Transmitters/Differential PressureTransmitters: Rev.1|Rev.2|Rev.3",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "Dpharp EJX Series Pressure Transmitters/Differential PressureTransmitters"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa EJX Multivariable Transmitters\uff08EJX910A/EJX930A): Rev.1|Rev.2",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "EJX Multivariable Transmitters\uff08EJX910A/EJX930A)"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa Rotameter: Rev.1",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "Rotameter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2|Rev.3",
"product": {
"name": "Yokogawa Coriolis Mass Flowmeters- ROTAMASS 3-Series(RCCT3x/RCCF31): Rev.1|Rev.2|Rev.3",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "Coriolis Mass Flowmeters- ROTAMASS 3-Series(RCCT3x/RCCF31)"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa Coriolis Mass Flowmeters(CF11): Rev.1",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "Coriolis Mass Flowmeters(CF11)"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa Differential Pressure Transmitters: Rev.1",
"product_id": "CSAFPID-0014"
}
}
],
"category": "product_name",
"name": "Differential Pressure Transmitters"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa YEWFLO Vortex Flowmeter: Rev.1|Rev.2",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "YEWFLO Vortex Flowmeter"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa YT200 Temperature Transmitters: Rev.1",
"product_id": "CSAFPID-0016"
}
}
],
"category": "product_name",
"name": "YT200 Temperature Transmitters"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2|Rev.3",
"product": {
"name": "Yokogawa YTA110/YTA310/YTA320 Temperature Transmitters: Rev.1|Rev.2|Rev.3",
"product_id": "CSAFPID-0017"
}
}
],
"category": "product_name",
"name": "YTA110/YTA310/YTA320 Temperature Transmitters"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa YTA70 Temperature Transmitters: Rev.1",
"product_id": "CSAFPID-0018"
}
}
],
"category": "product_name",
"name": "YTA70 Temperature Transmitters"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa AV550G: Rev.1",
"product_id": "CSAFPID-0019"
}
}
],
"category": "product_name",
"name": "AV550G"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa DO202: Rev.1",
"product_id": "CSAFPID-0020"
}
}
],
"category": "product_name",
"name": "DO202"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa ISC202: Rev.1",
"product_id": "CSAFPID-0021"
}
}
],
"category": "product_name",
"name": "ISC202"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa ISC450: Rev.1|Rev.2",
"product_id": "CSAFPID-0022"
}
}
],
"category": "product_name",
"name": "ISC450"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa PH150: Rev.1|Rev.2",
"product_id": "CSAFPID-0023"
}
}
],
"category": "product_name",
"name": "PH150"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa PH202: Rev.1",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "PH202"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa PH450: Rev.1|Rev.2",
"product_id": "CSAFPID-0025"
}
}
],
"category": "product_name",
"name": "PH450"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa SC150: Rev.1|Rev.2",
"product_id": "CSAFPID-0026"
}
}
],
"category": "product_name",
"name": "SC150"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa SC202: Rev.1",
"product_id": "CSAFPID-0027"
}
}
],
"category": "product_name",
"name": "SC202"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Rev.1|Rev.2",
"product": {
"name": "Yokogawa SC450: Rev.1|Rev.2",
"product_id": "CSAFPID-0028"
}
}
],
"category": "product_name",
"name": "SC450"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa ZR202: Rev.1",
"product_id": "CSAFPID-0029"
}
}
],
"category": "product_name",
"name": "ZR202"
},
{
"branches": [
{
"category": "product_version",
"name": "Rev.1",
"product": {
"name": "Yokogawa ZR402: Rev.1",
"product_id": "CSAFPID-0030"
}
}
],
"category": "product_name",
"name": "ZR402"
}
],
"category": "vendor",
"name": "Yokogawa"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Yokogawa has released an advisory (YSAR-15-0001) to address this issue. It can be found at the following location: http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0001E.pdf",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
},
{
"category": "mitigation",
"details": "Please contact your local Yokogawa office to obtain the latest version to mitigate this vulnerability. There are offices worldwide",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
},
{
"category": "mitigation",
"details": "North American office contact information is listed on the following web site: http://www.yokogawa.com/us/contact/index.htm#find-a-yokogawa-office",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
},
{
"category": "mitigation",
"details": "JPCERT has also released an advisory (JVNVU # 96347573) to disclose this information. It can be found in the following location: http://jvn.jp/vu/JVNVU96347573/index.html (Japanese)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030"
]
}
]
}
]
}
icsa-15-069-02
Vulnerability from csaf_cisa
Published
2015-12-11 07:00
Modified
2025-06-06 22:36
Summary
ABB HART Device DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-069-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-069-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-069-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-069-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "ABB HART Device DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:36:45.007018Z",
"generator": {
"date": "2025-06-06T22:36:45.006980Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-069-02",
"initial_release_date": "2015-12-11T07:00:00.000000Z",
"revision_history": [
{
"date": "2015-12-11T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:36:45.007018Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.17",
"product": {
"name": "ABB ABB Third-Party Device Type Library: \u003c=1.17",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "ABB Third-Party Device Type Library"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "ABB 800xA\u00beDevice Management HART: vers:all/*",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "800xA\u00beDevice Management HART"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.4.178.214",
"product": {
"name": "ABB Freelance ABB Third-Party HART DTMLibrary: \u003c=1.4.178.214",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Freelance ABB Third-Party HART DTMLibrary"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "ABB Freelance 800F: vers:all/*",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Freelance 800F"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.4.175.185",
"product": {
"name": "ABB S Plus Melody ABB Third-Party HART DTMLibrary: \u003c=1.4.175.185",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "S Plus Melody ABB Third-Party HART DTMLibrary"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "ABB Symphony Plus with Composer Melody: vers:all/*",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Symphony Plus with Composer Melody"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "ABB S+Engineering for Melody: vers:all/*",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "S+Engineering for Melody"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "ABB Composer Field: vers:all/*",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Composer Field"
}
],
"category": "vendor",
"name": "ABB"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Process control systems (including the 4-20 mA current loop for connecting field devices) should be physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and separated from other networks by means of a firewall system that has a minimal number of ports exposed. Process control systems should not be used for Internet surfing, instant messaging, or receiving emails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "mitigation",
"details": "Using a virus scanner on all Windows-based system nodes, with the latest updates and with on\u2011access scanning enabled, can help prevent infection by malicious or unwanted software.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "mitigation",
"details": "ABB\u2019s security bulletin titled SECURITY BULLETIN - HART Vulnerability in ABB Third Party Device Type Library, includes patch information regarding this vulnerability. This security bulletin is available at:http://www05.abb.com/global/scot/scot400.nsf/veritydisplay/8b6117ce372491c0c1257dea004c6536/$file/2PAA114210_-_en_SECURITY_BULLETIN_-_HART_Vulnerability_in_ABB_Third_Party_Device_Type_Library.pdf",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
{
"category": "mitigation",
"details": "ABB provides Alerts and Notifications of their products on their web site at: http://www.abb.com/cawp/abbzh254/2c9d1261d9fa1dcfc1257950002e4fbf.aspx",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
}
]
}
icsa-15-027-01
Vulnerability from csaf_cisa
Published
2015-10-30 06:00
Modified
2025-06-06 22:33
Summary
Magnetrol HART DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-027-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-027-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-027-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-027-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Magnetrol HART DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:33:36.757982Z",
"generator": {
"date": "2025-06-06T22:33:36.757865Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-027-01",
"initial_release_date": "2015-10-30T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-30T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:33:36.757982Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Firmware__3.x",
"product": {
"name": "Magnetrol Eclipse Model 705 Guided Wave Radar transmitter: Firmware__3.x",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Eclipse Model 705 Guided Wave Radar transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Firmware__1.x",
"product": {
"name": "Magnetrol Echotel Model 355 Ultrasonic transmitter: Firmware__1.x",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Echotel Model 355 Ultrasonic transmitter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "1.x|2.x",
"product": {
"name": "Magnetrol Model R82 Pulse Burst Radar Transmitter: 1.x|2.x",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Model R82 Pulse Burst Radar Transmitter"
},
{
"branches": [
{
"category": "product_version",
"name": "Firmware__2.x",
"product": {
"name": "Magnetrol Thermatel Model TA2 Thermal Mass Flowmeter: Firmware__2.x",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Thermatel Model TA2 Thermal Mass Flowmeter"
}
],
"category": "vendor",
"name": "Magnetrol"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Magnetrol has updated the software library impacted. The update can be downloaded here: http://us.magnetrol.com/Product_Catalog.aspx?Id=5",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
icsa-15-036-02
Vulnerability from csaf_cisa
Published
2015-11-08 07:00
Modified
2025-06-06 22:34
Summary
Pepperl+Fuchs Hart Device DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-036-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-036-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-036-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-036-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Pepperl+Fuchs Hart Device DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T22:34:21.972701Z",
"generator": {
"date": "2025-06-06T22:34:21.972590Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-036-02",
"initial_release_date": "2015-11-08T07:00:00.000000Z",
"revision_history": [
{
"date": "2015-11-08T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:34:21.972701Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.0.28",
"product": {
"name": "PEPPERL+FUCHS DTM Collection Level Control DTM: \u003c=1.0.28",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "DTM Collection Level Control DTM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.4.128.8",
"product": {
"name": "PEPPERL+FUCHS DTM Collection CorrTran DTM: \u003c=1.4.128.8",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "DTM Collection CorrTran DTM"
}
],
"category": "vendor",
"name": "PEPPERL+FUCHS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "PEPPERL+FUCHS has updated the software library for the DTM Collection Level Control DTM impacted. The updated software Version 1.0.29 is available at: http://www.pepperl-fuchs.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "The DTM Collection CorrTran DTM does not have a software update at this time. PEPPERL+FUCHS recommends to physically protect CorrTran MV and CorrTran AQUA installations to prevent any malicious connection to the HART loop.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
icsa-15-237-01
Vulnerability from csaf_cisa
Published
2015-05-28 06:00
Modified
2025-06-06 16:08
Summary
Endress+Hauser HART Device DTM Vulnerability
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-237-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-237-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-237-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-237-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Endress+Hauser HART Device DTM Vulnerability",
"tracking": {
"current_release_date": "2025-06-06T16:08:22.636411Z",
"generator": {
"date": "2025-06-06T16:08:22.636264Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-237-01",
"initial_release_date": "2015-05-28T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-05-28T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T16:08:22.636411Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.0|\u003c=1.2",
"product": {
"name": "Endress+Hauser Cerabar M / PMx 4x: \u003e=V1.0|\u003c=1.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Cerabar M / PMx 4x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Cerabar M 5x / PMx 5x: V1.00.xx",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Cerabar M 5x / PMx 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.20.zz_/_Dev.Rev._22",
"product": {
"name": "Endress+Hauser Cerabar S / PMx 7x / HART: FW_2.20.zz_/_Dev.Rev._22",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx 7x / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V01.00",
"product": {
"name": "Endress+Hauser Cerabar S / PMx 7x: V01.00",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.00",
"product": {
"name": "Endress+Hauser Cerabar S / PMx 7x: V02.00",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.10.xx",
"product": {
"name": "Endress+Hauser Cerabar S / PMx 7x: V02.10.xx",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.x",
"product": {
"name": "Endress+Hauser Cerabar S / PMx x3x: V1.x",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.x",
"product": {
"name": "Endress+Hauser Cerabar S / PMx x3x: V2.x",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.x",
"product": {
"name": "Endress+Hauser Cerabar S / PMx x3x: V3.x",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V5.0",
"product": {
"name": "Endress+Hauser Cerabar S / PMx x3x: V5.0",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V7.1",
"product": {
"name": "Endress+Hauser Cerabar S / PMx x3x: V7.1",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "Cerabar S / PMx x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.00.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser Deltabar / FMD 7x / HART: FW_1.00.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "Deltabar / FMD 7x / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Deltabar M 5x / PMD 55: V1.00.xx",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "Deltabar M 5x / PMD 55"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.20.zz_/_Dev.Rev._22",
"product": {
"name": "Endress+Hauser Deltabar S / xMD 7x / HART: FW_2.20.zz_/_Dev.Rev._22",
"product_id": "CSAFPID-0014"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD 7x / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V01.00",
"product": {
"name": "Endress+Hauser Deltabar S / xMD 7x: V01.00",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.00",
"product": {
"name": "Endress+Hauser Deltabar S / xMD 7x: V02.00",
"product_id": "CSAFPID-0016"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.10.xx",
"product": {
"name": "Endress+Hauser Deltabar S / xMD 7x: V02.10.xx",
"product_id": "CSAFPID-0017"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD 7x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.x",
"product": {
"name": "Endress+Hauser Deltabar S / xMD x3x: V1.x",
"product_id": "CSAFPID-0018"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.x",
"product": {
"name": "Endress+Hauser Deltabar S / xMD x3x: V2.x",
"product_id": "CSAFPID-0019"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V5.0",
"product": {
"name": "Endress+Hauser Deltabar S / xMD x3x: V5.0",
"product_id": "CSAFPID-0020"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V7.1",
"product": {
"name": "Endress+Hauser Deltabar S / xMD x3x: V7.1",
"product_id": "CSAFPID-0021"
}
}
],
"category": "product_name",
"name": "Deltabar S / xMD x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Deltapilot M 5x / FMB 5x: V1.00.xx",
"product_id": "CSAFPID-0022"
}
}
],
"category": "product_name",
"name": "Deltapilot M 5x / FMB 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.x",
"product": {
"name": "Endress+Hauser Deltapilot S / DB 5x: V1.x",
"product_id": "CSAFPID-0023"
}
}
],
"category": "product_name",
"name": "Deltapilot S / DB 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.0",
"product": {
"name": "Endress+Hauser Deltapilot S / DB 5x: V2.0",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "Deltapilot S / DB 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.20.zz_/_Dev.Rev._22",
"product": {
"name": "Endress+Hauser Deltapilot S / FMB 70 / HART: FW_2.20.zz_/_Dev.Rev._22",
"product_id": "CSAFPID-0025"
}
}
],
"category": "product_name",
"name": "Deltapilot S / FMB 70 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.10.xx",
"product": {
"name": "Endress+Hauser Deltapilot S / FMB 70: V02.10.xx",
"product_id": "CSAFPID-0026"
}
}
],
"category": "product_name",
"name": "Deltapilot S / FMB 70"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.04.zz_/_Dev.Rev._3",
"product": {
"name": "Endress+Hauser Gammapilot M / FMG 60 / HART: FW_1.04.zz_/_Dev.Rev._3",
"product_id": "CSAFPID-0027"
}
}
],
"category": "product_name",
"name": "Gammapilot M / FMG 60 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V01.xx",
"product": {
"name": "Endress+Hauser Gammapilot M / FMG 60: V01.xx",
"product_id": "CSAFPID-0028"
}
}
],
"category": "product_name",
"name": "Gammapilot M / FMG 60"
},
{
"branches": [
{
"category": "product_version",
"name": "V02.xx",
"product": {
"name": "Endress+Hauser Gammapilot M / FMG 60: V02.xx",
"product_id": "CSAFPID-0029"
}
}
],
"category": "product_name",
"name": "Gammapilot M / FMG 60"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.1",
"product": {
"name": "Endress+Hauser iTemp / TMT 122: V1.1",
"product_id": "CSAFPID-0030"
}
}
],
"category": "product_name",
"name": "iTemp / TMT 122"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.03.00",
"product": {
"name": "Endress+Hauser iTemp / TMT 142: V1.03.00",
"product_id": "CSAFPID-0031"
}
}
],
"category": "product_name",
"name": "iTemp / TMT 142"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.00.00|\u003c=1.02.00",
"product": {
"name": "Endress+Hauser iTemp / TMT 162: \u003e=V1.00.00|\u003c=1.02.00",
"product_id": "CSAFPID-0032"
}
}
],
"category": "product_name",
"name": "iTemp / TMT 162"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.03.00",
"product": {
"name": "Endress+Hauser iTemp / TMT 162: V1.03.00",
"product_id": "CSAFPID-0033"
}
}
],
"category": "product_name",
"name": "iTemp / TMT 162"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.1",
"product": {
"name": "Endress+Hauser iTemp / TMT 182: V1.1",
"product_id": "CSAFPID-0034"
}
}
],
"category": "product_name",
"name": "iTemp / TMT 182"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.00.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser iTEMP / TMT82 / HART: FW_1.00.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0035"
}
}
],
"category": "product_name",
"name": "iTEMP / TMT82 / HART"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0|\u003c=2.1",
"product": {
"name": "Endress+Hauser Levelflex / FMP 2xx: \u003e=V2.0|\u003c=2.1",
"product_id": "CSAFPID-0036"
}
}
],
"category": "product_name",
"name": "Levelflex / FMP 2xx"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00",
"product": {
"name": "Endress+Hauser Levelflex M / FMP 40: V2.00",
"product_id": "CSAFPID-0037"
}
}
],
"category": "product_name",
"name": "Levelflex M / FMP 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V4.xx",
"product": {
"name": "Endress+Hauser Levelflex M / FMP 4x: V4.xx",
"product_id": "CSAFPID-0038"
}
}
],
"category": "product_name",
"name": "Levelflex M / FMP 4x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.08",
"product": {
"name": "Endress+Hauser Levelflex M Int / FMP 4x I: V1.08",
"product_id": "CSAFPID-0039"
}
}
],
"category": "product_name",
"name": "Levelflex M Int / FMP 4x I"
},
{
"branches": [
{
"category": "product_version",
"name": "1.00.xx",
"product": {
"name": "Endress+Hauser Liquicap M / FMI 5x: 1.00.xx",
"product_id": "CSAFPID-0040"
}
}
],
"category": "product_name",
"name": "Liquicap M / FMI 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "1.03.xx",
"product": {
"name": "Endress+Hauser Liquicap M / FMI 5x: 1.03.xx",
"product_id": "CSAFPID-0041"
}
}
],
"category": "product_name",
"name": "Liquicap M / FMI 5x"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.01.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser Liquiline Cond / CM 42 / HART: FW_2.01.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0042"
}
}
],
"category": "product_name",
"name": "Liquiline Cond / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.02.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser Liquiline M / CM44x: FW_1.02.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0043"
}
}
],
"category": "product_name",
"name": "Liquiline M / CM44x"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_13.06.zz_/_Dev.Rev._10",
"product": {
"name": "Endress+Hauser Liquiline M Cci / CM 42 / HART: FW_13.06.zz_/_Dev.Rev._10",
"product_id": "CSAFPID-0044"
}
}
],
"category": "product_name",
"name": "Liquiline M Cci / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_13.07.zz_/_Dev.Rev._11",
"product": {
"name": "Endress+Hauser Liquiline M Cci / CM 42 / HART: FW_13.07.zz_/_Dev.Rev._11",
"product_id": "CSAFPID-0045"
}
}
],
"category": "product_name",
"name": "Liquiline M Cci / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V13.01.xx",
"product": {
"name": "Endress+Hauser Liquiline M Cci / CM 42: V13.01.xx",
"product_id": "CSAFPID-0046"
}
}
],
"category": "product_name",
"name": "Liquiline M Cci / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V13.04.07",
"product": {
"name": "Endress+Hauser Liquiline M Cci / CM 42: V13.04.07",
"product_id": "CSAFPID-0047"
}
}
],
"category": "product_name",
"name": "Liquiline M Cci / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V13.05.xx",
"product": {
"name": "Endress+Hauser Liquiline M Cci / CM 42: V13.05.xx",
"product_id": "CSAFPID-0048"
}
}
],
"category": "product_name",
"name": "Liquiline M Cci / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_20.04.zz_/_Dev.Rev._17",
"product": {
"name": "Endress+Hauser Liquiline M DO / CM 42 / HART: FW_20.04.zz_/_Dev.Rev._17",
"product_id": "CSAFPID-0049"
}
}
],
"category": "product_name",
"name": "Liquiline M DO / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_20.05.zz_/_Dev.Rev._18",
"product": {
"name": "Endress+Hauser Liquiline M DO / CM 42 / HART: FW_20.05.zz_/_Dev.Rev._18",
"product_id": "CSAFPID-0050"
}
}
],
"category": "product_name",
"name": "Liquiline M DO / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V20.02.07",
"product": {
"name": "Endress+Hauser Liquiline M DO / CM 42: V20.02.07",
"product_id": "CSAFPID-0051"
}
}
],
"category": "product_name",
"name": "Liquiline M DO / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V20.02.xx",
"product": {
"name": "Endress+Hauser Liquiline M DO / CM 42: V20.02.xx",
"product_id": "CSAFPID-0052"
}
}
],
"category": "product_name",
"name": "Liquiline M DO / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V20.03.xx",
"product": {
"name": "Endress+Hauser Liquiline M DO / CM 42: V20.03.xx",
"product_id": "CSAFPID-0053"
}
}
],
"category": "product_name",
"name": "Liquiline M DO / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_10.06.zz_/_Dev.Rev._0D",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42 / HART: FW_10.06.zz_/_Dev.Rev._0D",
"product_id": "CSAFPID-0054"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_10.07.zz_/_Dev.Rev._0E",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42 / HART: FW_10.07.zz_/_Dev.Rev._0E",
"product_id": "CSAFPID-0055"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V10.02.xx",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42: V10.02.xx",
"product_id": "CSAFPID-0056"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V10.04.07",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42: V10.04.07",
"product_id": "CSAFPID-0057"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V10.04.xx",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42: V10.04.xx",
"product_id": "CSAFPID-0058"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "V10.05.xx",
"product": {
"name": "Endress+Hauser Liquiline M pH-ORP / CM 42: V10.05.xx",
"product_id": "CSAFPID-0059"
}
}
],
"category": "product_name",
"name": "Liquiline M pH-ORP / CM 42"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.01.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser Liquiline Oxygen / CM 42 / HART: FW_2.01.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0060"
}
}
],
"category": "product_name",
"name": "Liquiline Oxygen / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.01.zz_/_Dev.Rev._1",
"product": {
"name": "Endress+Hauser Liquiline pHORP / CM 42 / HART: FW_2.01.zz_/_Dev.Rev._1",
"product_id": "CSAFPID-0061"
}
}
],
"category": "product_name",
"name": "Liquiline pHORP / CM 42 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_01.02.zz_/_Dev.Rev.1",
"product": {
"name": "Endress+Hauser Liquiport / CSPxx / HART: FW_01.02.zz_/_Dev.Rev.1",
"product_id": "CSAFPID-0062"
}
}
],
"category": "product_name",
"name": "Liquiport / CSPxx / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_01.02.zz_/_Dev.Rev.1",
"product": {
"name": "Endress+Hauser Liquistation / CSFxx / HART: FW_01.02.zz_/_Dev.Rev.1",
"product_id": "CSAFPID-0063"
}
}
],
"category": "product_name",
"name": "Liquistation / CSFxx / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.30",
"product": {
"name": "Endress+Hauser Liquisys M Chlorine / CCM 2x3: V2.30",
"product_id": "CSAFPID-0064"
}
}
],
"category": "product_name",
"name": "Liquisys M Chlorine / CCM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.35",
"product": {
"name": "Endress+Hauser Liquisys M Chlorine / CCM 2x3: V2.35",
"product_id": "CSAFPID-0065"
}
}
],
"category": "product_name",
"name": "Liquisys M Chlorine / CCM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.30",
"product": {
"name": "Endress+Hauser Liquisys M Cond. C / CLM 2x3: V2.30",
"product_id": "CSAFPID-0066"
}
}
],
"category": "product_name",
"name": "Liquisys M Cond. C / CLM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.30",
"product": {
"name": "Endress+Hauser Liquisys M Cond. I / CLM 2x3: V2.30",
"product_id": "CSAFPID-0067"
}
}
],
"category": "product_name",
"name": "Liquisys M Cond. I / CLM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.40",
"product": {
"name": "Endress+Hauser Liquisys M DO / COM 2x3: V2.40",
"product_id": "CSAFPID-0068"
}
}
],
"category": "product_name",
"name": "Liquisys M DO / COM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.50",
"product": {
"name": "Endress+Hauser Liquisys M PH / CPM 2x3: V2.50",
"product_id": "CSAFPID-0069"
}
}
],
"category": "product_name",
"name": "Liquisys M PH / CPM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.40",
"product": {
"name": "Endress+Hauser Liquisys M Turbidity / CUM 2x3: V2.40",
"product_id": "CSAFPID-0070"
}
}
],
"category": "product_name",
"name": "Liquisys M Turbidity / CUM 2x3"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.4",
"product": {
"name": "Endress+Hauser Micropilot I / FMR 13x: V1.4",
"product_id": "CSAFPID-0071"
}
}
],
"category": "product_name",
"name": "Micropilot I / FMR 13x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.5",
"product": {
"name": "Endress+Hauser Micropilot I / FMR 13x: V1.5",
"product_id": "CSAFPID-0072"
}
}
],
"category": "product_name",
"name": "Micropilot I / FMR 13x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.0",
"product": {
"name": "Endress+Hauser Micropilot I / FMR 13x: V2.0",
"product_id": "CSAFPID-0073"
}
}
],
"category": "product_name",
"name": "Micropilot I / FMR 13x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.1",
"product": {
"name": "Endress+Hauser Micropilot I / FMR 13x: V2.1",
"product_id": "CSAFPID-0074"
}
}
],
"category": "product_name",
"name": "Micropilot I / FMR 13x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.0",
"product": {
"name": "Endress+Hauser Micropilot II / FMR 23x: V2.0",
"product_id": "CSAFPID-0075"
}
}
],
"category": "product_name",
"name": "Micropilot II / FMR 23x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 25x: V1.00",
"product_id": "CSAFPID-0076"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 25x"
},
{
"branches": [
{
"category": "product_version",
"name": "V4.xx",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 25x: V4.xx",
"product_id": "CSAFPID-0077"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 25x"
},
{
"branches": [
{
"category": "product_version",
"name": "V5.xx",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 25x: V5.xx",
"product_id": "CSAFPID-0078"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 25x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 2xx: V1.02",
"product_id": "CSAFPID-0079"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 2xx"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 2xx: V2.00",
"product_id": "CSAFPID-0080"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 2xx"
},
{
"branches": [
{
"category": "product_version",
"name": "V4.xx",
"product": {
"name": "Endress+Hauser Micropilot M / FMR 2xx: V4.xx",
"product_id": "CSAFPID-0081"
}
}
],
"category": "product_name",
"name": "Micropilot M / FMR 2xx"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02",
"product": {
"name": "Endress+Hauser Micropilot S / FMR 53x: V1.02",
"product_id": "CSAFPID-0082"
}
}
],
"category": "product_name",
"name": "Micropilot S / FMR 53x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00",
"product": {
"name": "Endress+Hauser Micropilot S / FMR 53x: V2.00",
"product_id": "CSAFPID-0083"
}
}
],
"category": "product_name",
"name": "Micropilot S / FMR 53x"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.00",
"product": {
"name": "Endress+Hauser Micropilot S / FMR 53x: V3.00",
"product_id": "CSAFPID-0084"
}
}
],
"category": "product_name",
"name": "Micropilot S / FMR 53x"
},
{
"branches": [
{
"category": "product_version",
"name": "V01.01.xx",
"product": {
"name": "Endress+Hauser Micropilot S / FMR 540: V01.01.xx",
"product_id": "CSAFPID-0085"
}
}
],
"category": "product_name",
"name": "Micropilot S / FMR 540"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.0|\u003c=1.2",
"product": {
"name": "Endress+Hauser Multicap / FEC 12: \u003e=V1.0|\u003c=1.2",
"product_id": "CSAFPID-0086"
}
}
],
"category": "product_name",
"name": "Multicap / FEC 12"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.20",
"product": {
"name": "Endress+Hauser Mycom S Cond. C / CLM 153: V1.20",
"product_id": "CSAFPID-0087"
}
}
],
"category": "product_name",
"name": "Mycom S Cond. C / CLM 153"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.20",
"product": {
"name": "Endress+Hauser Mycom S Cond. I / CLM 153: V1.20",
"product_id": "CSAFPID-0088"
}
}
],
"category": "product_name",
"name": "Mycom S Cond. I / CLM 153"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.30",
"product": {
"name": "Endress+Hauser Mycom S PH / CPM 153: V2.30",
"product_id": "CSAFPID-0089"
}
}
],
"category": "product_name",
"name": "Mycom S PH / CPM 153"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.05",
"product": {
"name": "Endress+Hauser Mypro Cond. C / CLx 431: V2.05",
"product_id": "CSAFPID-0090"
}
}
],
"category": "product_name",
"name": "Mypro Cond. C / CLx 431"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.10",
"product": {
"name": "Endress+Hauser Mypro Cond. I / CLx 431: V2.10",
"product_id": "CSAFPID-0091"
}
}
],
"category": "product_name",
"name": "Mypro Cond. I / CLx 431"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02",
"product": {
"name": "Endress+Hauser Mypro PH / CPM 431: V2.02",
"product_id": "CSAFPID-0092"
}
}
],
"category": "product_name",
"name": "Mypro PH / CPM 431"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.2",
"product": {
"name": "Endress+Hauser Nivotester / FTC625: V1.2",
"product_id": "CSAFPID-0093"
}
}
],
"category": "product_name",
"name": "Nivotester / FTC625"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.1|\u003c=1.3",
"product": {
"name": "Endress+Hauser Omnigrad / TMD 832: \u003e=V1.1|\u003c=1.3",
"product_id": "CSAFPID-0094"
}
}
],
"category": "product_name",
"name": "Omnigrad / TMD 832"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.0|\u003c=1.1",
"product": {
"name": "Endress+Hauser Omnigrad / TMD 833: \u003e=V1.0|\u003c=1.1",
"product_id": "CSAFPID-0095"
}
}
],
"category": "product_name",
"name": "Omnigrad / TMD 833"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.1|\u003c=1.3",
"product": {
"name": "Endress+Hauser Omnigrad / TMD 842: \u003e=V1.1|\u003c=1.3",
"product_id": "CSAFPID-0096"
}
}
],
"category": "product_name",
"name": "Omnigrad / TMD 842"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.00.00|\u003c=V1.00.02",
"product": {
"name": "Endress+Hauser Promag / 10: \u003e=V1.00.00|\u003c=V1.00.02",
"product_id": "CSAFPID-0097"
}
}
],
"category": "product_name",
"name": "Promag / 10"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.00",
"product": {
"name": "Endress+Hauser Promag / 10: V1.01.00",
"product_id": "CSAFPID-0098"
}
}
],
"category": "product_name",
"name": "Promag / 10"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.00",
"product": {
"name": "Endress+Hauser Promag / 10: V1.02.00",
"product_id": "CSAFPID-0099"
}
}
],
"category": "product_name",
"name": "Promag / 10"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.03.00",
"product": {
"name": "Endress+Hauser Promag / 10: V1.03.00",
"product_id": "CSAFPID-0100"
}
}
],
"category": "product_name",
"name": "Promag / 10"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.00.00|\u003c=2.01.00",
"product": {
"name": "Endress+Hauser Promag / 23: \u003e=V2.00.00|\u003c=2.01.00",
"product_id": "CSAFPID-0101"
}
}
],
"category": "product_name",
"name": "Promag / 23"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.02.00|\u003c=2.03.00",
"product": {
"name": "Endress+Hauser Promag / 23: \u003e=V2.02.00|\u003c=2.03.00",
"product_id": "CSAFPID-0102"
}
}
],
"category": "product_name",
"name": "Promag / 23"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.04.00",
"product": {
"name": "Endress+Hauser Promag / 33: V2.04.00",
"product_id": "CSAFPID-0103"
}
}
],
"category": "product_name",
"name": "Promag / 33"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.04.00",
"product": {
"name": "Endress+Hauser Promag / 35 S: V2.04.00",
"product_id": "CSAFPID-0104"
}
}
],
"category": "product_name",
"name": "Promag / 35 S"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.04.00",
"product": {
"name": "Endress+Hauser Promag / 39: V2.04.00",
"product_id": "CSAFPID-0105"
}
}
],
"category": "product_name",
"name": "Promag / 39"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.04.zz_/_Dev.Rev._9",
"product": {
"name": "Endress+Hauser Promag / 50 / HART: FW_2.04.zz_/_Dev.Rev._9",
"product_id": "CSAFPID-0106"
}
}
],
"category": "product_name",
"name": "Promag / 50 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Promag / 50: V1.02.0x",
"product_id": "CSAFPID-0107"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promag / 50: V1.04.0x",
"product_id": "CSAFPID-0108"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Promag / 50: V1.06.0x",
"product_id": "CSAFPID-0109"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.00",
"product": {
"name": "Endress+Hauser Promag / 50: V2.00.00",
"product_id": "CSAFPID-0110"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.xx",
"product": {
"name": "Endress+Hauser Promag / 50: V2.01.xx",
"product_id": "CSAFPID-0111"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.xx",
"product": {
"name": "Endress+Hauser Promag / 50: V2.02.xx",
"product_id": "CSAFPID-0112"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.03.xx",
"product": {
"name": "Endress+Hauser Promag / 50: V2.03.xx",
"product_id": "CSAFPID-0113"
}
}
],
"category": "product_name",
"name": "Promag / 50"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.04.zz_/_Dev.Rev._9",
"product": {
"name": "Endress+Hauser Promag / 51 / HART: FW_2.04.zz_/_Dev.Rev._9",
"product_id": "CSAFPID-0114"
}
}
],
"category": "product_name",
"name": "Promag / 51 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promag / 51: V1.04.0x",
"product_id": "CSAFPID-0115"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Promag / 51: V1.06.0x",
"product_id": "CSAFPID-0116"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Promag / 51: V2.00.0x",
"product_id": "CSAFPID-0117"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.xx",
"product": {
"name": "Endress+Hauser Promag / 51: V2.01.xx",
"product_id": "CSAFPID-0118"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.xx",
"product": {
"name": "Endress+Hauser Promag / 51: V2.02.xx",
"product_id": "CSAFPID-0119"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.03.xx",
"product": {
"name": "Endress+Hauser Promag / 51: V2.03.xx",
"product_id": "CSAFPID-0120"
}
}
],
"category": "product_name",
"name": "Promag / 51"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.03.zz_/_Dev.Rev._8",
"product": {
"name": "Endress+Hauser Promag / 53 / HART: FW_2.03.zz_/_Dev.Rev._8",
"product_id": "CSAFPID-0121"
}
}
],
"category": "product_name",
"name": "Promag / 53 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.07.zz_/_Dev.Rev._9",
"product": {
"name": "Endress+Hauser Promag / 53 / HART: FW_2.07.zz_/_Dev.Rev._9",
"product_id": "CSAFPID-0122"
}
}
],
"category": "product_name",
"name": "Promag / 53 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Promag / 53: V1.02.0x",
"product_id": "CSAFPID-0123"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promag / 53: V1.04.0x",
"product_id": "CSAFPID-0124"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.00",
"product": {
"name": "Endress+Hauser Promag / 53: V1.06.00",
"product_id": "CSAFPID-0125"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.00",
"product": {
"name": "Endress+Hauser Promag / 53: V2.00.00",
"product_id": "CSAFPID-0126"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.xx",
"product": {
"name": "Endress+Hauser Promag / 53: V2.01.xx",
"product_id": "CSAFPID-0127"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.xx",
"product": {
"name": "Endress+Hauser Promag / 53: V2.02.xx",
"product_id": "CSAFPID-0128"
}
}
],
"category": "product_name",
"name": "Promag / 53"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.03.zz_/_Dev.Rev._4",
"product": {
"name": "Endress+Hauser Promag / 55 / HART: FW_1.03.zz_/_Dev.Rev._4",
"product_id": "CSAFPID-0129"
}
}
],
"category": "product_name",
"name": "Promag / 55 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Promag / 55: V1.00.xx",
"product_id": "CSAFPID-0130"
}
}
],
"category": "product_name",
"name": "Promag / 55"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.xx",
"product": {
"name": "Endress+Hauser Promag / 55: V1.01.xx",
"product_id": "CSAFPID-0131"
}
}
],
"category": "product_name",
"name": "Promag / 55"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.xx",
"product": {
"name": "Endress+Hauser Promag / 55: V1.02.xx",
"product_id": "CSAFPID-0132"
}
}
],
"category": "product_name",
"name": "Promag / 55"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V1.02.0x",
"product_id": "CSAFPID-0133"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V1.04.0x",
"product_id": "CSAFPID-0134"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V1.05.0x",
"product_id": "CSAFPID-0135"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V1.06.0x",
"product_id": "CSAFPID-0136"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V2.00.0x",
"product_id": "CSAFPID-0137"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V2.01.0x",
"product_id": "CSAFPID-0138"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V2.02.0x",
"product_id": "CSAFPID-0139"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.01.0x",
"product": {
"name": "Endress+Hauser Promass / 40: V3.01.0x",
"product_id": "CSAFPID-0140"
}
}
],
"category": "product_name",
"name": "Promass / 40"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.01.xx",
"product": {
"name": "Endress+Hauser Promass / 60: V3.01.xx",
"product_id": "CSAFPID-0141"
}
}
],
"category": "product_name",
"name": "Promass / 60"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.02.xx",
"product": {
"name": "Endress+Hauser Promass / 60: V3.02.xx",
"product_id": "CSAFPID-0142"
}
}
],
"category": "product_name",
"name": "Promass / 60"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.03.01",
"product": {
"name": "Endress+Hauser Promass / 60: V3.03.01",
"product_id": "CSAFPID-0143"
}
}
],
"category": "product_name",
"name": "Promass / 60"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.xx",
"product": {
"name": "Endress+Hauser Promass / 63: V2.02.xx",
"product_id": "CSAFPID-0144"
}
}
],
"category": "product_name",
"name": "Promass / 63"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.00.00",
"product": {
"name": "Endress+Hauser Promass / 63: V3.00.00",
"product_id": "CSAFPID-0145"
}
}
],
"category": "product_name",
"name": "Promass / 63"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.02.00",
"product": {
"name": "Endress+Hauser Promass / 63: V3.02.00",
"product_id": "CSAFPID-0146"
}
}
],
"category": "product_name",
"name": "Promass / 63"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.03.01",
"product": {
"name": "Endress+Hauser Promass / 63: V3.03.01",
"product_id": "CSAFPID-0147"
}
}
],
"category": "product_name",
"name": "Promass / 63"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V1.02.0x",
"product_id": "CSAFPID-0148"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V1.04.0x",
"product_id": "CSAFPID-0149"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V1.05.0x",
"product_id": "CSAFPID-0150"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V1.06.0x",
"product_id": "CSAFPID-0151"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V2.00.0x",
"product_id": "CSAFPID-0152"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V2.01.0x",
"product_id": "CSAFPID-0153"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V2.02.0x",
"product_id": "CSAFPID-0154"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.01.0x",
"product": {
"name": "Endress+Hauser Promass / 80: V3.01.0x",
"product_id": "CSAFPID-0155"
}
}
],
"category": "product_name",
"name": "Promass / 80"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_3.07.zz_/_Dev.Rev._0A",
"product": {
"name": "Endress+Hauser Promass / 83 / HART: FW_3.07.zz_/_Dev.Rev._0A",
"product_id": "CSAFPID-0156"
}
}
],
"category": "product_name",
"name": "Promass / 83 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V1.02.0x",
"product_id": "CSAFPID-0157"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V1.04.0x",
"product_id": "CSAFPID-0158"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V1.05.0x",
"product_id": "CSAFPID-0159"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V1.06.0x",
"product_id": "CSAFPID-0160"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V2.00.0x",
"product_id": "CSAFPID-0161"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V2.01.0x",
"product_id": "CSAFPID-0162"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V2.02.0x",
"product_id": "CSAFPID-0163"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.01.0x",
"product": {
"name": "Endress+Hauser Promass / 83: V3.01.0x",
"product_id": "CSAFPID-0164"
}
}
],
"category": "product_name",
"name": "Promass / 83"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Promass / 84: V2.00.0x",
"product_id": "CSAFPID-0165"
}
}
],
"category": "product_name",
"name": "Promass / 84"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Promass / 84: V2.01.0x",
"product_id": "CSAFPID-0166"
}
}
],
"category": "product_name",
"name": "Promass / 84"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.0x",
"product": {
"name": "Endress+Hauser Promass / 84: V2.02.0x",
"product_id": "CSAFPID-0167"
}
}
],
"category": "product_name",
"name": "Promass / 84"
},
{
"branches": [
{
"category": "product_version",
"name": "V3.01.0x",
"product": {
"name": "Endress+Hauser Promass / 84: V3.01.0x",
"product_id": "CSAFPID-0168"
}
}
],
"category": "product_name",
"name": "Promass / 84"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.0",
"product": {
"name": "Endress+Hauser Proservo / NMS 530: V1.0",
"product_id": "CSAFPID-0169"
}
}
],
"category": "product_name",
"name": "Proservo / NMS 530"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.1",
"product": {
"name": "Endress+Hauser Prosonic / FMU 860: V2.1",
"product_id": "CSAFPID-0170"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 860"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.2|\u003c=2.3",
"product": {
"name": "Endress+Hauser Prosonic / FMU 860: \u003e=V2.2|\u003c=2.3",
"product_id": "CSAFPID-0171"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 860"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.1",
"product": {
"name": "Endress+Hauser Prosonic / FMU 861: V2.1",
"product_id": "CSAFPID-0172"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 861"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.2|\u003c=2.3",
"product": {
"name": "Endress+Hauser Prosonic / FMU 861: \u003e=V2.2|\u003c=2.3",
"product_id": "CSAFPID-0173"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 861"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.1",
"product": {
"name": "Endress+Hauser Prosonic / FMU 862: V2.1",
"product_id": "CSAFPID-0174"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 862"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.2|\u003c=2.3",
"product": {
"name": "Endress+Hauser Prosonic / FMU 862: \u003e=V2.2|\u003c=2.3",
"product_id": "CSAFPID-0175"
}
}
],
"category": "product_name",
"name": "Prosonic / FMU 862"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 90: V1.04.0x",
"product_id": "CSAFPID-0176"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 90"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 90: V1.06.0x",
"product_id": "CSAFPID-0177"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 90"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 90: V2.00.0x",
"product_id": "CSAFPID-0178"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 90"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 90: V2.01.0x",
"product_id": "CSAFPID-0179"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 90"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.02.zz_/_Dev.Rev._3",
"product": {
"name": "Endress+Hauser Prosonic Flow / 91 / HART: FW_1.02.zz_/_Dev.Rev._3",
"product_id": "CSAFPID-0180"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 91 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Prosonic Flow / 91: V1.00.xx",
"product_id": "CSAFPID-0181"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 91"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.xx",
"product": {
"name": "Endress+Hauser Prosonic Flow / 91: V1.01.xx",
"product_id": "CSAFPID-0182"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 91"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.01.zz_/_Dev.Rev._2",
"product": {
"name": "Endress+Hauser Prosonic Flow / 92 / HART: FW_1.01.zz_/_Dev.Rev._2",
"product_id": "CSAFPID-0183"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 92 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser Prosonic Flow / 92: V1.00.xx",
"product_id": "CSAFPID-0184"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 92"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_2.03.zz_/_Dev.Rev._8",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93 / HART: FW_2.03.zz_/_Dev.Rev._8",
"product_id": "CSAFPID-0185"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V1.04.0x",
"product_id": "CSAFPID-0186"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V1.05.0x",
"product_id": "CSAFPID-0187"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.06.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V1.06.0x",
"product_id": "CSAFPID-0188"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V2.00.0x",
"product_id": "CSAFPID-0189"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V2.01.0x",
"product_id": "CSAFPID-0190"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.02.0x",
"product": {
"name": "Endress+Hauser Prosonic Flow / 93: V2.02.0x",
"product_id": "CSAFPID-0191"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / 93"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.00",
"product": {
"name": "Endress+Hauser Prosonic Flow / DMU93: V1.00.00",
"product_id": "CSAFPID-0192"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / DMU93"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.00",
"product": {
"name": "Endress+Hauser Prosonic Flow / DMU93: V1.01.00",
"product_id": "CSAFPID-0193"
}
}
],
"category": "product_name",
"name": "Prosonic Flow / DMU93"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00",
"product": {
"name": "Endress+Hauser Prosonic M / FMU 4x: V2.00",
"product_id": "CSAFPID-0194"
}
}
],
"category": "product_name",
"name": "Prosonic M / FMU 4x"
},
{
"branches": [
{
"category": "product_version",
"name": "V4.xx",
"product": {
"name": "Endress+Hauser Prosonic M / FMU 4x: V4.xx",
"product_id": "CSAFPID-0195"
}
}
],
"category": "product_name",
"name": "Prosonic M / FMU 4x"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.00.xx",
"product": {
"name": "Endress+Hauser Prosonic S / FMU 90: V2.00.xx",
"product_id": "CSAFPID-0196"
}
}
],
"category": "product_name",
"name": "Prosonic S / FMU 90"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.01.xx",
"product": {
"name": "Endress+Hauser Prosonic S / FMU 90: V2.01.xx",
"product_id": "CSAFPID-0197"
}
}
],
"category": "product_name",
"name": "Prosonic S / FMU 90"
},
{
"branches": [
{
"category": "product_version",
"name": "V01.00.xx",
"product": {
"name": "Endress+Hauser Prosonic S / FMU 9x: V01.00.xx",
"product_id": "CSAFPID-0198"
}
}
],
"category": "product_name",
"name": "Prosonic S / FMU 9x"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.1|\u003c=2.2",
"product": {
"name": "Endress+Hauser Prosonic T / FMU x3x: \u003e=V2.1|\u003c=2.2",
"product_id": "CSAFPID-0199"
}
}
],
"category": "product_name",
"name": "Prosonic T / FMU x3x"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.0",
"product": {
"name": "Endress+Hauser Prothermo / NMT 539(1): V1.0",
"product_id": "CSAFPID-0200"
}
}
],
"category": "product_name",
"name": "Prothermo / NMT 539(1)"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.0",
"product": {
"name": "Endress+Hauser Prothermo / NMT 539(2): V1.0",
"product_id": "CSAFPID-0201"
}
}
],
"category": "product_name",
"name": "Prothermo / NMT 539(2)"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.5z_/_Dev.Rev._5",
"product": {
"name": "Endress+Hauser Prothermo / NMT539(1) / HART: FW_1.5z_/_Dev.Rev._5",
"product_id": "CSAFPID-0202"
}
}
],
"category": "product_name",
"name": "Prothermo / NMT539(1) / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.5z_/_Dev.Rev._5",
"product": {
"name": "Endress+Hauser Prothermo / NMT539(2) / HART: FW_1.5z_/_Dev.Rev._5",
"product_id": "CSAFPID-0203"
}
}
],
"category": "product_name",
"name": "Prothermo / NMT539(2) / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.1.01",
"product": {
"name": "Endress+Hauser Prowirl / 70: V1.1.01",
"product_id": "CSAFPID-0204"
}
}
],
"category": "product_name",
"name": "Prowirl / 70"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.06.zz_/_Dev.Rev._7",
"product": {
"name": "Endress+Hauser Prowirl / 72 / HART: FW_1.06.zz_/_Dev.Rev._7",
"product_id": "CSAFPID-0205"
}
}
],
"category": "product_name",
"name": "Prowirl / 72 / HART"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.00.00|\u003c=V1.01.01",
"product": {
"name": "Endress+Hauser Prowirl / 72: \u003e=V1.00.00|\u003c=V1.01.01",
"product_id": "CSAFPID-0206"
}
}
],
"category": "product_name",
"name": "Prowirl / 72"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.00",
"product": {
"name": "Endress+Hauser Prowirl / 72: V1.02.00",
"product_id": "CSAFPID-0207"
}
}
],
"category": "product_name",
"name": "Prowirl / 72"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.03.00",
"product": {
"name": "Endress+Hauser Prowirl / 72: V1.03.00",
"product_id": "CSAFPID-0208"
}
}
],
"category": "product_name",
"name": "Prowirl / 72"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.00",
"product": {
"name": "Endress+Hauser Prowirl / 72: V1.04.00",
"product_id": "CSAFPID-0209"
}
}
],
"category": "product_name",
"name": "Prowirl / 72"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.00",
"product": {
"name": "Endress+Hauser Prowirl / 72: V1.05.00",
"product_id": "CSAFPID-0210"
}
}
],
"category": "product_name",
"name": "Prowirl / 72"
},
{
"branches": [
{
"category": "product_version",
"name": "FW_1.06.zz_/_Dev.Rev._7",
"product": {
"name": "Endress+Hauser Prowirl / 73 / HART: FW_1.06.zz_/_Dev.Rev._7",
"product_id": "CSAFPID-0211"
}
}
],
"category": "product_name",
"name": "Prowirl / 73 / HART"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.00.0x",
"product_id": "CSAFPID-0212"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.01.0x",
"product_id": "CSAFPID-0213"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.02.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.02.0x",
"product_id": "CSAFPID-0214"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.03.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.03.0x",
"product_id": "CSAFPID-0215"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.04.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.04.0x",
"product_id": "CSAFPID-0216"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.05.0x",
"product": {
"name": "Endress+Hauser Prowirl / 73: V1.05.0x",
"product_id": "CSAFPID-0217"
}
}
],
"category": "product_name",
"name": "Prowirl / 73"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.0.06",
"product": {
"name": "Endress+Hauser Prowirl / 77: V1.0.06",
"product_id": "CSAFPID-0218"
}
}
],
"category": "product_name",
"name": "Prowirl / 77"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.11",
"product": {
"name": "Endress+Hauser Smartec S / CLD 132: V1.11",
"product_id": "CSAFPID-0219"
}
}
],
"category": "product_name",
"name": "Smartec S / CLD 132"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.04.xx",
"product": {
"name": "Endress+Hauser Tank Side Monitor / NRF 590: V2.04.xx",
"product_id": "CSAFPID-0220"
}
}
],
"category": "product_name",
"name": "Tank Side Monitor / NRF 590"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx",
"product": {
"name": "Endress+Hauser t-mass / 65: V1.00.xx",
"product_id": "CSAFPID-0221"
}
}
],
"category": "product_name",
"name": "t-mass / 65"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.01.xx",
"product": {
"name": "Endress+Hauser t-mass / 65: V1.01.xx",
"product_id": "CSAFPID-0222"
}
}
],
"category": "product_name",
"name": "t-mass / 65"
},
{
"branches": [
{
"category": "product_version",
"name": "V2.0",
"product": {
"name": "Endress+Hauser t-mass / 70: V2.0",
"product_id": "CSAFPID-0223"
}
}
],
"category": "product_name",
"name": "t-mass / 70"
},
{
"branches": [
{
"category": "product_version",
"name": "V1.00.xx.",
"product": {
"name": "Endress+Hauser Waterpilot 2x / FMX 21: V1.00.xx.",
"product_id": "CSAFPID-0224"
}
}
],
"category": "product_name",
"name": "Waterpilot 2x / FMX 21"
}
],
"category": "vendor",
"name": "Endress+Hauser"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Endress+Hauser has released a security update addressing the HART Device DTMs. The update can be downloaded here: (https://portal.endress.com/webdownload/FieldCareDownloadGui/)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
],
"url": "https://portal.endress.com/webdownload/FieldCareDownloadGui/"
},
{
"category": "mitigation",
"details": "(http://www.us.endress.com/en/online-tools-assist-around-the-clock/process-instrument-support)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
],
"url": "http://www.us.endress.com/en/online-tools-assist-around-the-clock/process-instrument-support"
},
{
"category": "mitigation",
"details": "Endress+Hauser Inc. - Technical support Tel.: 888-ENDRESS (mailto:techsupport@us.endress.com) (https://www.us.endress.com/support-options)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
],
"url": "mailto:techsupport@us.endress.com"
},
{
"category": "mitigation",
"details": "Endress+Hauser Inc. - Technical support Tel.: 888-ENDRESS (mailto:techsupport@us.endress.com) (https://www.us.endress.com/support-options)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
],
"url": "https://www.us.endress.com/support-options"
},
{
"category": "mitigation",
"details": "Endress+Hauser has recommended owners/operators to update HART DTM library 2.41 and FDT tool FieldCare to Version 2.10. For further information please consult the Release Notes and the Technical Information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071",
"CSAFPID-0072",
"CSAFPID-0073",
"CSAFPID-0074",
"CSAFPID-0075",
"CSAFPID-0076",
"CSAFPID-0077",
"CSAFPID-0078",
"CSAFPID-0079",
"CSAFPID-0080",
"CSAFPID-0081",
"CSAFPID-0082",
"CSAFPID-0083",
"CSAFPID-0084",
"CSAFPID-0085",
"CSAFPID-0086",
"CSAFPID-0087",
"CSAFPID-0088",
"CSAFPID-0089",
"CSAFPID-0090",
"CSAFPID-0091",
"CSAFPID-0092",
"CSAFPID-0093",
"CSAFPID-0094",
"CSAFPID-0095",
"CSAFPID-0096",
"CSAFPID-0097",
"CSAFPID-0098",
"CSAFPID-0099",
"CSAFPID-0100",
"CSAFPID-0101",
"CSAFPID-0102",
"CSAFPID-0103",
"CSAFPID-0104",
"CSAFPID-0105",
"CSAFPID-0106",
"CSAFPID-0107",
"CSAFPID-0108",
"CSAFPID-0109",
"CSAFPID-0110",
"CSAFPID-0111",
"CSAFPID-0112",
"CSAFPID-0113",
"CSAFPID-0114",
"CSAFPID-0115",
"CSAFPID-0116",
"CSAFPID-0117",
"CSAFPID-0118",
"CSAFPID-0119",
"CSAFPID-0120",
"CSAFPID-0121",
"CSAFPID-0122",
"CSAFPID-0123",
"CSAFPID-0124",
"CSAFPID-0125",
"CSAFPID-0126",
"CSAFPID-0127",
"CSAFPID-0128",
"CSAFPID-0129",
"CSAFPID-0130",
"CSAFPID-0131",
"CSAFPID-0132",
"CSAFPID-0133",
"CSAFPID-0134",
"CSAFPID-0135",
"CSAFPID-0136",
"CSAFPID-0137",
"CSAFPID-0138",
"CSAFPID-0139",
"CSAFPID-0140",
"CSAFPID-0141",
"CSAFPID-0142",
"CSAFPID-0143",
"CSAFPID-0144",
"CSAFPID-0145",
"CSAFPID-0146",
"CSAFPID-0147",
"CSAFPID-0148",
"CSAFPID-0149",
"CSAFPID-0150",
"CSAFPID-0151",
"CSAFPID-0152",
"CSAFPID-0153",
"CSAFPID-0154",
"CSAFPID-0155",
"CSAFPID-0156",
"CSAFPID-0157",
"CSAFPID-0158",
"CSAFPID-0159",
"CSAFPID-0160",
"CSAFPID-0161",
"CSAFPID-0162",
"CSAFPID-0163",
"CSAFPID-0164",
"CSAFPID-0165",
"CSAFPID-0166",
"CSAFPID-0167",
"CSAFPID-0168",
"CSAFPID-0169",
"CSAFPID-0170",
"CSAFPID-0171",
"CSAFPID-0172",
"CSAFPID-0173",
"CSAFPID-0174",
"CSAFPID-0175",
"CSAFPID-0176",
"CSAFPID-0177",
"CSAFPID-0178",
"CSAFPID-0179",
"CSAFPID-0180",
"CSAFPID-0181",
"CSAFPID-0182",
"CSAFPID-0183",
"CSAFPID-0184",
"CSAFPID-0185",
"CSAFPID-0186",
"CSAFPID-0187",
"CSAFPID-0188",
"CSAFPID-0189",
"CSAFPID-0190",
"CSAFPID-0191",
"CSAFPID-0192",
"CSAFPID-0193",
"CSAFPID-0194",
"CSAFPID-0195",
"CSAFPID-0196",
"CSAFPID-0197",
"CSAFPID-0198",
"CSAFPID-0199",
"CSAFPID-0200",
"CSAFPID-0201",
"CSAFPID-0202",
"CSAFPID-0203",
"CSAFPID-0204",
"CSAFPID-0205",
"CSAFPID-0206",
"CSAFPID-0207",
"CSAFPID-0208",
"CSAFPID-0209",
"CSAFPID-0210",
"CSAFPID-0211",
"CSAFPID-0212",
"CSAFPID-0213",
"CSAFPID-0214",
"CSAFPID-0215",
"CSAFPID-0216",
"CSAFPID-0217",
"CSAFPID-0218",
"CSAFPID-0219",
"CSAFPID-0220",
"CSAFPID-0221",
"CSAFPID-0222",
"CSAFPID-0223",
"CSAFPID-0224"
]
}
]
}
]
}
icsa-15-012-01a
Vulnerability from csaf_cisa
Published
2015-10-15 06:00
Modified
2025-06-06 22:31
Summary
CodeWrights GmbH HART DTM Vulnerability (Update A)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01A JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-012-01a.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01A - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-012-01a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "CodeWrights GmbH HART DTM Vulnerability (Update A)",
"tracking": {
"current_release_date": "2025-06-06T22:31:53.116696Z",
"generator": {
"date": "2025-06-06T22:31:53.116608Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-012-01A",
"initial_release_date": "2015-10-15T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-15T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:31:53.116696Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.5.151",
"product": {
"name": "Codewrights DTMStudio: \u003c1.5.151",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "DTMStudio"
}
],
"category": "vendor",
"name": "Codewrights"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "CodeWrights GmbH has developed an updated library to address this vulnerability. These libraries are being provided to its customers (vendors) with current support agreements.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
icsa-15-012-01b
Vulnerability from csaf_cisa
Published
2015-10-15 06:00
Modified
2025-06-06 22:31
Summary
CodeWrights GmbH HART DTM Vulnerability (Update B)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01B JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-012-01b.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-012-01B - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-012-01b"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "CodeWrights GmbH HART DTM Vulnerability (Update B)",
"tracking": {
"current_release_date": "2025-06-06T22:31:59.580273Z",
"generator": {
"date": "2025-06-06T22:31:59.580149Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-012-01B",
"initial_release_date": "2015-10-15T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-10-15T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T22:31:59.580273Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.5.151",
"product": {
"name": "Codewrights DTMStudio: \u003c1.5.151",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "DTMStudio"
}
],
"category": "vendor",
"name": "Codewrights"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "CodeWrights GmbH has developed an updated library to address this vulnerability. These libraries are being provided to its customers (vendors) with current support agreements.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
fkie_cve-2014-9191
Vulnerability from fkie_nvd
Published
2015-01-10 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/71952 | ||
| ics-cert@hq.dhs.gov | http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71952 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codewrights | hart_device_type_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codewrights:hart_device_type_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D101AC37-B7B4-47C7-97A0-ADF480768B00",
"versionEndIncluding": "1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop."
},
{
"lang": "es",
"value": "La librar\u00eda CodeWrights HART Device Type Manager (DTM) en Emerson HART DTM anterior a 1.4.181 permite a atacantes f\u00edsicamente pr\u00f3ximos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de DTM y cuelgue de la aplicaci\u00f3n FDT Frame) mediante la transmisi\u00f3n de paquetes de respuesta manipulados en el bucle actual 4-20 mA."
}
],
"id": "CVE-2014-9191",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-10T02:59:34.693",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.securityfocus.com/bid/71952"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-237-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201501-0399
Vulnerability from variot
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop. HART Device Type Manager is a device type manager. CodeWrights 'HART DTM' Library has a local denial of service vulnerability that can be exploited by local attackers to initiate a denial of service attack. CodeWrights 'HART DTM' library is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0399",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hart device type manager",
"scope": "lte",
"trust": 1.0,
"vendor": "codewrights",
"version": "1.0.44"
},
{
"model": "hart dtm",
"scope": "lt",
"trust": 0.8,
"vendor": "emerson",
"version": "1.4.181"
},
{
"model": "hart device type manager",
"scope": "lt",
"trust": 0.6,
"vendor": "codewrights",
"version": "1.4.181"
},
{
"model": "hart device type manager",
"scope": "eq",
"trust": 0.6,
"vendor": "codewrights",
"version": "1.0.44"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hart device type manager",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:emerson:hart_device_type_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Bolshev",
"sources": [
{
"db": "BID",
"id": "71952"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9191",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-9191",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-00263",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9191",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2014-9191",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2015-00263",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-202",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop. HART Device Type Manager is a device type manager. CodeWrights \u0027HART DTM\u0027 Library has a local denial of service vulnerability that can be exploited by local attackers to initiate a denial of service attack. CodeWrights \u0027HART DTM\u0027 library is prone to a denial-of-service vulnerability. \nAn attacker may exploit this issue to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9191"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "BID",
"id": "71952"
},
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9191",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-008-01A",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-15-237-01",
"trust": 2.1
},
{
"db": "BID",
"id": "71952",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSA-15-048-03",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-00263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96347573",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-008-01",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-012-01A",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-012-01B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-036-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-069-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-029-01",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-027-01",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-012-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "AABDFA2C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "BID",
"id": "71952"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"id": "VAR-201501-0399",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
}
],
"trust": 1.4666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
}
]
},
"last_update_date": "2024-11-23T23:09:20.171000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EMR.EPM14001-1A",
"trust": 0.8,
"url": "http://www2.emersonprocess.com/siteadmincenter/PM%20Central%20Web%20Documents/EMR%20EPM14001-1.pdf"
},
{
"title": "\u65e5\u672c\u30a8\u30de\u30bd\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.emerson.co.jp/index.html"
},
{
"title": "YSAR-15-0001: \u6a2a\u6cb3\u88fd\u54c1\u306e HART Device DTM\u306b\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.yokogawa.co.jp/dcs/security/ysar/YSAR-15-0001.pdf"
},
{
"title": "CodeWrights \u0027HART DTM\u0027 Library Patch for Local Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/53962"
},
{
"title": "Rosemount_644_Temperature_Transmitter_8_HART_000026_0018_8_DD1_4_181_4_DTM",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53330"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-008-01a"
},
{
"trust": 2.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-237-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/71952"
},
{
"trust": 1.6,
"url": "http://www2.emersonprocess.com/siteadmincenter/pm%20central%20web%20documents/emr%20epm14001-1.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9191"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9191"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-048-03"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96347573/"
},
{
"trust": 0.3,
"url": "http://www1.codewrights.biz/site/index.php/en/our-offering/for-end-users/hart-commdtm "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-012-01a"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-027-01"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-036-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-048-03#footnotec_6z1l450"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-069-02"
},
{
"trust": 0.3,
"url": "http://www2.emersonprocess.com/siteadmincenter/pm%20central%20web%20documents/emr%20epm14001-1.pdf "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-008-01-0 "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-012-01 "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-012-01b "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-029-01 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "BID",
"id": "71952"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"db": "BID",
"id": "71952"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-14T00:00:00",
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71952"
},
{
"date": "2015-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"date": "2015-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"date": "2015-01-10T02:59:34.693000",
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-00263"
},
{
"date": "2015-11-03T19:18:00",
"db": "BID",
"id": "71952"
},
{
"date": "2015-09-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007577"
},
{
"date": "2015-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-202"
},
{
"date": "2024-11-21T02:20:22.350000",
"db": "NVD",
"id": "CVE-2014-9191"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CodeWrights \u0027HART DTM\u0027 Library Local Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "aabdfa2c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-202"
}
],
"trust": 0.8
}
}
cnvd-2015-00263
Vulnerability from cnvd
Title
CodeWrights 'HART DTM' Library本地拒绝服务漏洞
Description
HART Device Type Manager是款设备类型管理器。
CodeWrights 'HART DTM' Library存在本地拒绝服务漏洞,本地攻击者可利用此漏洞发起拒绝服务攻击。
Severity
低
VLAI Severity ?
Patch Name
CodeWrights 'HART DTM' Library本地拒绝服务漏洞的补丁
Patch Description
HART Device Type Manager是款设备类型管理器。
CodeWrights 'HART DTM' Library存在本地拒绝服务漏洞,本地攻击者可利用此漏洞发起拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可以联系供应商获得补丁信息: https://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A
Reference
http://www.securityfocus.com/bid/71952
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9191
Impacted products
| Name | CodeWrights HART Device Type Manager <1.4.181 |
|---|
{
"bids": {
"bid": {
"bidNumber": "71952"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2014-9191"
}
},
"description": "HART Device Type Manager\u662f\u6b3e\u8bbe\u5907\u7c7b\u578b\u7ba1\u7406\u5668\u3002\r\n\r\nCodeWrights \u0027HART DTM\u0027 Library\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Alexander Bolshev",
"formalWay": "\u7528\u6237\u53ef\u4ee5\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://ics-cert.us-cert.gov/advisories/ICSA-15-008-01A",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-00263",
"openTime": "2015-01-14",
"patchDescription": "HART Device Type Manager\u662f\u6b3e\u8bbe\u5907\u7c7b\u578b\u7ba1\u7406\u5668\u3002\r\n\r\nCodeWrights \u0027HART DTM\u0027 Library\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "CodeWrights \u0027HART DTM\u0027 Library\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "CodeWrights HART Device Type Manager \u003c1.4.181"
},
"referenceLink": "http://www.securityfocus.com/bid/71952\r\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9191",
"serverity": "\u4f4e",
"submitTime": "2015-01-13",
"title": "CodeWrights \u0027HART DTM\u0027 Library\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…