Vulnerability CVE-2022-26839
Published: 2022-03-29

Description:
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files (such as DLLs) or replace existing executable files.

Type:

CWE-276

 (Incorrect Default Permissions)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Deltaww -> Diaenergie 

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01
Copyright 2026, cxsecurity.com

 

Back to Top