Stored Cross-Site Scripting Vulnerability in DIAEnergie by Delta Electronics
CVE-2025-57700

7HIGH

Key Information:

Vendor: Delta Electronics
Status: Diaenergie
Vendor: CVE Published:; 18 August 2025

🔔 Create Delta Electronics Vulnerability Alert

What is CVE-2025-57700?

The DIAEnergie software by Delta Electronics is susceptible to a stored cross-site scripting vulnerability, which allows attackers to inject malicious scripts into web pages viewed by other users. This vulnerability can lead to unauthorized actions and data theft, as the injected code executes in the context of the affected user's session. Various versions of DIAEnergie may be affected, and users are urged to apply security patches to mitigate the risk.

Affected Version(s)

DIAEnergie Windows 0 <= 1.11.00.002

References

https://filecenter.deltaww.com/news/download/doc/Delta-PC...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2025
Vulnerability Reserved
Aug 18, 2025