Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07 |
![]() ![]() |
History
Thu, 16 Jan 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: icscert
Published: 2023-01-12T23:19:47.452Z
Updated: 2025-01-16T22:02:07.832Z
Reserved: 2022-09-29T14:08:03.175Z
Link: CVE-2022-41778

Updated: 2024-08-03T12:49:44.036Z

Status : Modified
Published: 2023-01-13T00:15:09.480
Modified: 2024-11-21T07:23:49.630
Link: CVE-2022-41778

No data.