CVE-2023-1141:
First published: Mon Mar 27 2023(Updated: )
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a command injection vulnerability that could allow an attacker to inject arbitrary commands, which could result in remote code execution.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Deltaww Infrasuite Device Master | <1.0.5 | |
| Delta Electronics Versions prior to 1.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-1141?
CVE-2023-1141 is a command injection vulnerability in Delta Electronics InfraSuite Device Master versions prior to 1.0.5 that could allow an attacker to inject arbitrary commands and achieve remote code execution.
How severe is CVE-2023-1141?
CVE-2023-1141 has a severity rating of 8.8, which is considered high.
Which software versions are affected by CVE-2023-1141?
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by CVE-2023-1141.
How can an attacker exploit CVE-2023-1141?
An attacker can exploit CVE-2023-1141 by injecting arbitrary commands, which could lead to remote code execution.
Is there a fix available for CVE-2023-1141?
Yes, the fix for CVE-2023-1141 is to update to Delta Electronics InfraSuite Device Master version 1.0.5 or newer.
- collector/nvd-index
- agent/type
- agent/author
- agent/weakness
- agent/references
- agent/description
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/deltaww
- canonical/deltaww infrasuite device master
- vendor/delta electronics
- canonical/delta electronics versions prior to 1.0.5