Rewterz Threat Advisory – ICS: Multiple Delta Electronics Products Vulnerabilities

Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs

January 23, 2024

Rewterz Threat Advisory – CVE-2024-0769 – D-Link DIR-859 Vulnerability

January 24, 2024

Rewterz Threat Advisory – ICS: Multiple Delta Electronics Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-5130 CVSS:7.8

Delta Electronics WPLSoft is vulnerable to a buffer overflow, caused by improper bounds checking. By enticing a user to open a specially crafted DVP file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-5131 CVSS:7.8

Delta Electronics ISPSoft is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By enticing a user to open a specially crafted DVP file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

Impact

Gain Access
Buffer Overflow

Indicators Of Compromise

CVE

CVE-2023-5130
CVE-2023-5131

Affected Vendors

Delta

Affected Products

Delta Electronics WPLSoft 2.42.11
Delta Electronics ISPSoft 3.02.11

Remediation

Refer to Delta Electronics Website for patch, upgrade or suggested workaround information.

CVE-2023-5130

CVE-2023-5131

Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs

Rewterz Threat Advisory – CVE-2024-0769 – D-Link DIR-859 Vulnerability

Rewterz Threat Advisory – ICS: Multiple Delta Electronics Products Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan