CVE-2021-32955

Delta Electronics DIAEnergie vulnerable in versions up to 1.7.5 (and prior) to unrestricted file uploads, enabling remote code execution. This is the CVE-2021-32955 issue; ICS advisory Update C fixes recommend upgrading to 1.9 or later and applying network isolation measures. The documented impac...

CVE-2021-32955

Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an attacker to remotely execute code...

CVE-2021-32967

CVE-2021-32967 concerns Delta Electronics DIAEnergie before v1.9. The issue enables an attacker to add a new administrative user without authentication or authorization, potentially allowing remote login with administrative privileges. Public sources in the provided documents confirm a high-impac...

CVE-2021-33003

CVE-2021-33003 affects Delta Electronics DIAEnergie, affected in version 1.7.5 and earlier. The root cause is use of a weak password hashing algorithm, enabling an attacker to retrieve plaintext passwords. ICS advisories (CISA ICSA-21-238-03 Update C) confirm the vulnerability, list affected prod...

CVE-2021-33003

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm...

CVE-2021-33019

CVE-2021-33019 describes a stack-based buffer overflow in Delta Electronics DOPSoft (versions 4.00.11 and earlier) triggered by processing a specially crafted project file, potentially allowing arbitrary code execution. Affected product: DOPSoft, an HMI programming software. Root cause: inadequat...

CVE-2021-33019

A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2021-33007

Delta Electronics TPEditor (Windows) is affected by CVE-2021-33007: a heap-based buffer overflow in the TPEditor file parser affecting v1.98.06 and earlier. The vulnerability could allow arbitrary code execution when processing a specially crafted project file. Mitigation: update to Delta TPEdito...

CVE-2021-33007

A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code...

DIAEnergie Weak Hash Algorithm Vulnerability

DIAEnergie is an industrial energy management system from Delta Electronics. A weak hash algorithm vulnerability exists in DIAEnergie 1.7.5 and earlier versions. An attacker can exploit this vulnerability to retrieve plaintext passwords...

DIAEnergie File Upload Vulnerability

DIAEnergie, an industrial energy management system from Delta Electronics, is vulnerable to a file upload vulnerability in DIAEnergie 1.7.5 and earlier versions. An attacker could exploit this vulnerability to achieve remote code execution...

DIAEnergie Cross-Site Request Forgery Vulnerability

DIAEnergie is an industrial energy management system from Delta Electronics. A cross-site request forgery vulnerability exists in DIAEnergie 1.7.5 and earlier versions. An attacker can exploit this vulnerability to perform unauthorized operations...

DOPSoft Stack Buffer Overflow Vulnerability

DOPSoft is a Human Machine Interface HMI programming software from Delta Electronics. A stack buffer overflow vulnerability exists in DOPSoft 4.00.11 and earlier versions. The vulnerability can be exploited by an attacker to execute arbitrary code via a specially crafted project file...

The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, relates to buffer overflow in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

Delta Electronics DIAEnergie 授权问题漏洞

DIAEnergie, an industrial energy management system from Delta Electronics, is vulnerable to an authentication bypass in DIAEnergie 1.7.5 and earlier. An attacker could use this vulnerability to add a new administrative user without authentication or authorization to be able to log in and use the...

Delta Electronics DIAEnergie 缓冲区错误漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. A securi...

Delta Electronics DIAEnergie 跨站请求伪造漏洞

DIAEnergie is an industrial energy management system from Delta Electronics. A cross-site request forgery vulnerability exists in DIAEnergie 1.7.5 and earlier versions. An attacker can exploit this vulnerability to perform unauthorized operations...

Delta Electronics DIAEnergie 加密问题漏洞

DIAEnergie is an industrial energy management system from Delta Electronics. A weak hash algorithm vulnerability exists in DIAEnergie 1.7.5 and earlier versions. An attacker can exploit this vulnerability to retrieve plaintext passwords...

Delta Electronics DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-238-04 Delta Electronics DOPSoft that was...

Delta Electronics TPEditor 安全漏洞

TPEditor is programming software for Delta Text Panel running on Windows. TPEditor 1.98.06 and earlier versions are vulnerable to a heap buffer overflow. An attacker can exploit the vulnerability to execute arbitrary code via specially crafted project files...