Lucene search
HistoryMar 27, 2023 - 3:15 p.m.
CVE-2023-1143
delta electronics
infrasuite
device master
lua scripts
remote execution
arbitrary code
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
48.8%
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
Affected configurations
Node
deltawwinfrasuite_device_masterRange<1.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| deltaww | infrasuite_device_master | * | cpe:2.3:a:deltaww:infrasuite_device_master:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-1143 CVE-2023-1143
2023-03-27 14:46:20
cve
cve
CVE-2023-1143
2023-03-27 15:15:08
cnvd
cnvd
Delta Electronics InfraSuite Device Master has an unspecified vulnerability
2023-03-29 00:00:00
zdi
zdi
prion
prion
Code injection
2023-03-27 15:15:00
ics
ics
Delta Electronics InfraSuite Device Master
2023-03-21 12:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
48.8%
Related for NVD:CVE-2023-1143