CVE-2023-0251
CVE-2023-0251

7.8HIGH

Key Information:

Vendor: Delta Electronics
Status: Diascreen
Vendor: CVE Published:; 8 February 2023

Summary

Delta Electronics DIAScreen software versions up to 1.2.1.23 are prone to a buffer overflow vulnerability due to inadequate controls on memory operations. This flaw could potentially enable an attacker to execute arbitrary code remotely, compromising the integrity and security of the affected system. Organizations using these versions should implement necessary updates and security measures promptly to mitigate the risk.

Affected Version(s)

DIAScreen All versions <= 1.2.1.23

References

https://www.cisa.gov/uscert/ics/advisories/icsa-23-033-01

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2023
Vulnerability Reserved
Jan 12, 2023

Credit

Natnael Samson (@NattiSamson)

Trend Micro’s Zero Day Initiative