Delta Industrial Automation DIALink

Plan PatchCVSS 9.8ICS-CERT ICSA-22-235-02Aug 23, 2022

Delta ElectronicsManufacturing

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Delta Industrial Automation DIALink version 1.4.0.0 and earlier contains a vulnerability that allows unauthenticated remote access to sensitive data (CWE-321). Exploitation does not require user interaction and can be performed over the network. Successful exploitation could result in disclosure of sensitive configuration data, credentials, and operational parameters used in manufacturing control systems. Delta Electronics has implemented mitigation measures in DIALink v1.5.0.0, which is available only through direct contact with Delta customer service and is not publicly released.

What this means

What could happen

An attacker could expose sensitive data from DIALink systems without authentication, potentially revealing engineering configurations, credentials, or operational parameters used to control manufacturing equipment.

Who's at risk

Manufacturing facilities using Delta Industrial Automation DIALink for control system configuration and monitoring. This affects any plant where DIALink is used to manage PLCs, drives, or other automation equipment and where sensitive configuration or operational data must be protected.

How it could be exploited

An attacker with network access to a DIALink instance (default port 502 or management interface) can send a crafted request to extract sensitive data without providing credentials. No user interaction is required.

Prerequisites

Network access to the DIALink device or management interface
DIALink version 1.4.0.0 or earlier
No authentication credentials required

remotely exploitableno authentication requiredlow complexityhigh CVSS score (9.8)sensitive data exposureno public patch available

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

Delta Industrial Automation DIALink:≤ 1.4.0.01.5.0.0

Remediation & Mitigation

0/4

Do now

0/3

HOTFIXContact Delta Electronics customer service or representative to obtain DIALink v1.5.0.0, which includes mitigation measures for this vulnerability

HARDENINGEnsure DIALink devices are not directly accessible from the Internet; place them behind a firewall and restrict network access to authorized engineering workstations only

HARDENINGIsolate DIALink systems from business networks and separate control system networks from corporate IT

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGIf remote access to DIALink is required, use VPN with the most current version available and ensure connected devices are patched

CVEs (1)

CVE-2022-2660

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9cbf74a3-6af7-4408-ad1e-d64e5c00bb6c

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.