CVE-2022-41778 in InfraSuite Device Masterinfo

Summary

by MITRE • 01/13/2023

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

09/29/2022

Disclosure

01/13/2023

Moderation

accepted

Entry

VDB-212358

CPE

ready

CWE

CWE-502 (confirmed)

CVSS

9.8 (VulDB)

EPSS

0.01035

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-41778
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41778
CVE Details	https://www.cvedetails.com/cve/CVE-2022-41778/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!