CVE-2023-1141
CVE-2023-1141

8.8HIGH

Key Information:

Vendor: Delta Electronics
Status: Infrasuite Device Master
Vendor: CVE Published:; 27 March 2023

Summary

The Delta Electronics InfraSuite Device Master is susceptible to a command injection vulnerability that permits attackers to execute arbitrary commands. This can potentially lead to remote code execution, compromising the security of the device and the network it is integrated into. Users of the affected version should update to the latest release to mitigate risks and enhance the security of their systems.

Affected Version(s)

InfraSuite Device Master 0 < 1.0.5

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-0...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 27, 2023
Vulnerability Reserved
Mar 1, 2023