← Back to home
ICSA-18-172-01  ·  Published 2018-06-21  ·  View on CISA ICS-CERT ↗

Delta Electronics Delta Industrial Automation COMMGR

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of this vulnerability may allow remote code execution, cause the application to crash, or cause a denial-of-service condition in the application server.

CVEs (1)

Remediations

  • Delta Electronics has released COMMGR v1.09 to address this vulnerability and recommends users upgrade. The updated version can be downloaded at:
  • Delta Electronics also recommends affected users apply application whitelists to allow only trusted communications via Ports 502 and 10002.

Affected Vendors

Delta Electronics

Affected Products (3)

Delta Electronics · COMMGR <=1.08
Delta Electronics · DVPSimulator EH2 | EH3 | ES2 | SS2
Delta Electronics · AHSIM_5x0 AHSIM_5x0 | AHSIM_5x1

Affected Sectors

Commercial Facilities, Communications, Critical Manufacturing, Energy, Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more