ICSA-24-123-02 · Published 2024-05-02 · View on CISA ICS-CERT ↗

Delta Electronics DIAEnergie

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an authenticated attacker with limited privileges to escalate privileges, retrieve confidential information, upload arbitrary files, backdoor the application, and compromise the system on which DIAEnergie is deployed.

CVEs (3)

CVE-2024-34031 CVE-2024-34032 CVE-2024-34033

Remediations

Delta Electronics recommends users update to DIAEnergie v1.10.01.004 to mitigate these vulnerabilities. Users can request this version of DIAEnergie from Delta Electronics' regional sales or agents.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · DIAEnergie v1.10.00.005

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more