Delta Electronics DIAEnergie v1.10.1.8610 and Prior Faces Denial of Service Vulnerability
CVE-2024-4549

7.5HIGH

Key Information:

Vendor
Delta Electronics
Status
Diaenergie
Vendor
CVE Published:
6 May 2024

Summary

A denial of service vulnerability is present in Delta Electronics DIAEnergie software versions up to v1.10.1.8610. This vulnerability is triggered when the system processes a specific instruction known as the 'ICS Restart!' message, leading to an unintentional restart of the CEBC.exe process. This unintended behavior can disrupt operations and may lead to a temporary loss of service, potentially impacting users relying on the software. Immediate assessment and mitigation strategies are advised for affected installations.

Affected Version(s)

DIAEnergie 0 <= 1.10.1.8610

References

https://www.tenable.com/security/research/tra-2024-13

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.