Required CVE Record Information
Description
Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 9.8 | CRITICAL | 3.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Credits
- Piotr Bazydlo (@chudypb) of Trend Micro’s Zero Day Initiative reported these vulnerabilities to CISA. finder
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.