ICSA-23-080-02 · Published 2023-03-29 · View on CISA ICS-CERT ↗

Delta Electronics InfraSuite Device Master

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to obtain access to files and credentials, escalate privileges, and remotely execute arbitrary code.

CVEs (13)

CVE-2023-1133 CVE-2023-1139 CVE-2023-1145 CVE-2023-1138 CVE-2023-1144 CVE-2023-1137 CVE-2023-1143 CVE-2023-1134 CVE-2023-1142 CVE-2023-1136 CVE-2023-1141 CVE-2023-1135 CVE-2023-1140

Remediations

Delta Electronics recommends users uninstall old versions of InfraSuite Device Master and reinstall the updated version 1.0.5 using the installer.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · InfraSuite Device Master < 1.0.5

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more