Delta Electronics DIAEnergie

Act Now9.8ICS-CERT ICSA-22-256-03Sep 19, 2022

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Delta Electronics DIAEnergie versions prior to 1.9.03.009 contain a hardcoded credential or unauthenticated code execution vulnerability (CWE-798) that allows remote attackers to execute arbitrary commands on the system without authentication. This affects industrial automation energy management platforms used in manufacturing. Delta has released version 1.9.03.009 which corrects this issue.

What this means

What could happen

An attacker with network access to DIAEnergie could execute arbitrary code on the system with critical severity (CVSS 9.8), potentially allowing them to alter energy management settings, disrupt monitoring of power distribution, or cause denial of service to the platform.

Who's at risk

Manufacturing facilities using Delta Electronics DIAEnergie for energy management and monitoring. This affects industrial plants that rely on DIAEnergie to track power consumption, manage demand, or coordinate energy distribution across production equipment. Any facility with DIAEnergie exposed on a network or accessible remotely is at risk.

How it could be exploited

An attacker can exploit this vulnerability remotely without authentication or user interaction. The attacker sends a malicious request to the DIAEnergie system (likely via hardcoded credentials or an unauthenticated endpoint) to execute arbitrary commands, which would allow them to modify energy distribution parameters or shut down the service.

Prerequisites

Network access to DIAEnergie system (default port likely 80/443 or proprietary port)
No authentication required for exploitation
DIAEnergie version prior to 1.9.03.009

Remotely exploitableNo authentication requiredLow complexity exploitationHigh CVSS score (9.8)Unauthenticated network accessCritical severity

Exploitability

Moderate exploit probability (EPSS 4.9%)

Affected products (1)

ProductAffected VersionsFix Status

DIAEnergie: < 1.9.03.009< 1.9.03.0091.9.03.009

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGIsolate DIAEnergie system from Internet and business network; place behind firewall with restricted access

WORKAROUNDIf remote access is required, implement VPN with current security patches and restrict to authorized personnel only

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate DIAEnergie to version 1.9.03.009 or later

Long-term hardening

0/1

HARDENINGPerform network segmentation to limit lateral movement if the DIAEnergie system is compromised

CVEs (1)

CVE-2022-3214

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/13330760-067d-4dfc-bcc9-1a0eaf7dfe36