ICSA-21-238-03 · Published 2022-03-22 · View on CISA ICS-CERT ↗

Delta Electronics DIAEnergie (Update C)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to retrieve passwords in cleartext, remotely execute code, cause a user to carry out an action unintentionally, or log in and use the device with administrative privileges.

CVEs (13)

CVE-2021-33003 CVE-2021-32967 CVE-2021-32955 CVE-2021-32983 CVE-2021-38390 CVE-2021-38391 CVE-2021-38393 CVE-2021-32991 CVE-2021-23228 CVE-2021-44544 CVE-2021-31558 CVE-2021-44471 CVE-2022-0988

Remediations

Delta Electronics has fixed the reported vulnerabilities and recommends users upgrade to version 1.9 or later.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · DIAEnergie < 1.9

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more