

Rewterz Threat Alert – Bitter APT Group – Active IOCs
November 30, 2023
Rewterz Threat Alert – Lazarus aka Hidden Cobra APT Group – Active IOCs
November 30, 2023
Severity
High
Analysis Summary
CVE-2023-47279 CVSS:7.5
Delta Electronics InfraSuite Device Master could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. By using a specially crafted UDP packet, an attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to obtain plaintext credentials or carry out NTLM relaying.
CVE-2023-39226 CVSS:9.8
Delta Electronics InfraSuite Device Master could allow a remote attacker to execute arbitrary code on the system, caused by an exposed dangerous function or method. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-47207 CVSS:9.8
Delta Electronics InfraSuite Device Master could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system with local administrator privileges.
CVE-2023-46690 CVSS:8.8
Delta Electronics InfraSuite Device Master could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to write any file to any location on the filesystem.
Impact
- Information Theft
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-47279
- CVE-2023-39226
- CVE-2023-47207
- CVE-2023-46690
Affected Vendors
Delta Electronics
Affected Products
- Delta Electronics InfraSuite Device Master 1.0.0
- Delta Electronics InfraSuite Device Master 1.0.6
Remediation
Upgrade to the latest version of InfraSuite Device Master, available from the Delta Electronics Web site.
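
As a detection aid for the two directory traversal issues described above (CVE-2023-47279 and CVE-2023-46690), the following is an added example, not code from Rewterz or Delta Electronics. It flags "dot dot" sequences in logged request paths and generalizes beyond the literal /../ form to percent-encoded and backslash variants. It assumes request paths are already available as log lines of the form `source method path`; the sample lines and all function names are constructed for illustration.

```python
from urllib.parse import unquote

def normalise(target: str, max_rounds: int = 3) -> str:
    """Drop the query string, percent-decode repeatedly so double-encoded
    sequences are exposed, and treat backslashes as path separators."""
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def classify(target: str) -> str:
    """Return 'escape' if the path climbs above its root, 'dotdot' if it
    contains '..' segments but stays inside the root, else 'clean'."""
    depth, seen_dotdot = 0, False
    for segment in normalise(target).split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            seen_dotdot = True
            depth -= 1
            if depth < 0:
                return "escape"
        else:
            depth += 1
    return "dotdot" if seen_dotdot else "clean"

def triage(log_lines):
    """Yield (source, verdict, raw_path) for every non-clean request."""
    hits = []
    for line in log_lines:
        source, _method, target = line.split(" ", 2)
        verdict = classify(target)
        if verdict != "clean":
            hits.append((source, verdict, target))
    return hits

# Constructed sample log lines (assumed format: source method path).
SAMPLE = [
    "10.0.0.5 GET /devices/list?page=2",
    "10.0.0.9 GET /files/../../config.xml",
    "10.0.0.9 GET /files/%2e%2e/%2e%2e/config.xml",
    "10.0.0.9 GET /files/%252e%252e%255c%252e%252e%255cconfig.xml",
    "10.0.0.7 GET /docs/v1/../v2/index.html",
]

if __name__ == "__main__":
    for source, verdict, target in triage(SAMPLE):
        print(f"{verdict:6} {source} {target}")
```

An "escape" verdict is the case that matches the advisory's description; "dotdot" entries stay inside the root and are worth reviewing rather than alerting on.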