Lucene search
HistoryJul 10, 2023 - 7:15 p.m.
CVE-2023-34347
delta electronics
infrasuite
device master
cve-2023-34347
vulnerability
remote code execution
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
Affected configurations
Node
deltawwinfrasuite_device_masterRange<1.0.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| deltaww:infrasuite_device_master | deltaww infrasuite device master | lt | 1.0.7 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Infrasuite Device Master",
"vendor": "Delta Electronics",
"versions": [
{
"lessThan": "v1.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2023-34347
2023-07-10 19:15:09
zdi
zdi
prion
prion
Code injection
2023-07-10 19:15:00
ics
ics
Delta Electronics InfraSuite Device Master
2023-06-29 12:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
Related for CVE-2023-34347