Vulnerability CVE-2022-38142


Published: 2022-10-31

Description:
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization.

Type:

CWE-502

(Deserialization of Untrusted Data)

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07

Copyright 2026, cxsecurity.com

 

Back to Top