OTPulse
FeedAboutContact

Delta Electronics InfraSuite Device Master

Act Now9.8ICS-CERT ICSA-24-130-03May 9, 2024
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

Delta Electronics InfraSuite Device Master versions 1.0.10 and earlier contain an unsafe deserialization vulnerability (CWE-502) that allows remote code execution. An attacker with network access can exploit this flaw without authentication to run arbitrary commands. The vulnerability affects the central infrastructure management platform that monitors and controls distributed SCADA and automation devices.

What this means
What could happen
An attacker could execute arbitrary code on the Device Master, potentially compromising the entire infrastructure management platform and all connected devices or systems it controls.
Who's at risk
Water utilities and electric utilities using Delta Electronics InfraSuite Device Master for infrastructure management should prioritize this immediately. The Device Master is a centralized control platform; compromise could affect all connected SCADA systems, PLCs, and remote terminal units (RTUs) that it manages.
How it could be exploited
An attacker with network access to the Device Master can send a malicious request that exploits unsafe deserialization (CWE-502) to execute code remotely without authentication. No user interaction is required.
Prerequisites
  • Network access to the Device Master on its listening port
  • No authentication or credentials required
remotely exploitableno authentication requiredlow complexityactively exploited (KEV)very high EPSS score (94.4%)affects infrastructure management platform
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (1)
ProductAffected VersionsFix Status
InfraSuite Device Master: <=1.0.10≤ 1.0.101.0.11 or later
Remediation & Mitigation
0/3
Do now
0/3
HOTFIXUpdate Delta Electronics InfraSuite Device Master to version 1.0.11 or later
HARDENINGIsolate the Device Master from the internet and business networks; place it behind a firewall
WORKAROUNDRestrict network access to the Device Master to only authorized engineering and operations personnel; use VPN with strong authentication if remote access is required
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/658ece56-03f0-48a2-a806-2dbaf3abd089
Delta Electronics InfraSuite Device Master | CVSS 9.8 - OTPulse