ICSA-25-105-07  ·  Published 2025-09-04

Delta Electronics COMMGR (Update A)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to remotely access the AS3000Simulator family in the COMMGR software and execute arbitrary code.

CVEs (1)

Remediations

  • COMMGR software Version 1 has reached end of life (EOL).
  • Delta Electronics recommends that users of COMMGR software Version 1 take the following precautions:
      • Minimize network exposure for all control system devices and software, ensuring they are not accessible from the Internet.
      • When remote access is required, use secure methods such as Virtual Private Networks (VPNs).
      • Place control system networks and remote devices behind firewalls and isolate them from the business network.
      • Never connect programming software to any network other than the one intended for that device.
  • Delta Electronics has released COMMGR v2.10.0.
  • For more information, see Delta Electronics's Advisory.

Affected Vendors

Delta Electronics

Affected Products (2)

Delta Electronics · COMMGR (Version 1) vers:all/*
Delta Electronics · COMMGR (Version 2) <=v2.9.0

Affected Sectors

Commercial Facilities, Communications, Critical Manufacturing, Energy, Healthcare and Public Health
