| |
Vulnerability CVE-2022-38142
Published: 2022-10-31
Description: |
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization. |
Type:
CWE-502 (Deserialization of Untrusted Data)
References: |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07
|
|
|
Copyright 2024, cxsecurity.com
|
|
|