ICSA-21-294-02 · Published 2021-10-21 · View on CISA ICS-CERT ↗

Delta Electronics DIALink

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, remotely execute code, access the application directory and escalate privileges, take over the system where the software is installed, and modify the installation directory and upload malicious files.

CVEs (10)

CVE-2021-38418 CVE-2021-38428 CVE-2021-38488 CVE-2021-38407 CVE-2021-38403 CVE-2021-38411 CVE-2021-38424 CVE-2021-38422 CVE-2021-38416 CVE-2021-38420

Remediations

Delta Electronics is aware of the vulnerabilities and is currently working on an update.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · DIALink <= 1.2.4.0

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more