CVE-2022-3214
9.8CRITICALDelta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Exec
Publicado: 9/16/2022Atualizado: 11/21/2024
Descrição
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.
Análise IADesenvolvido por IA
Produtos Afetados
deltawwdiaenergie
Referências
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-03Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-03Third Party AdvisoryUS Government Resource