Vulnerability Description
Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Deltaww | Infrasuite Device Master | < 1.0.7 |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01MitigationPatchThird Party Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01MitigationPatchThird Party Advisory
FAQ
What is CVE-2023-34347?
CVE-2023-34347 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
How severe is CVE-2023-34347?
CVE-2023-34347 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-34347?
Check the references section above for vendor advisories and patch information. Affected products include: Deltaww Infrasuite Device Master.