DIAEnergie, an industrial energy management system from Delta Electronics, is vulnerable to an authentication bypass in DIAEnergie 1.7.5 and earlier. An attacker could use this vulnerability to add a new administrative user without authentication or authorization to be able to log in and use the device with administrative privileges.