all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Delta Electronics InfraSuite Device Master Deserialization

Add to bookmarks
June 8, 2023, 2:23 p.m. |

Packet Storm packetstormsecurity.com

Delta Electronics InfraSuite Device Master versions below 1.0.5 have an unauthenticated .NET deserialization vulnerability within the ParseUDPPacket() method of the Device-Gateway-Status process. The ParseUDPPacket() method reads user-controlled packet data and eventually calls BinaryFormatter.Deserialize() on what it determines to be the packet header without appropriate validation, leading to unauthenticated code execution as the user running the Device-Gateway-Status process.

code code execution data delta delta electronics deserialization device electronics gateway header master packet process validation vulnerability

Visit resource

More from packetstormsecurity.com / Packet Storm

The Not-So-Silent Type 1 day, 6 hours ago | packetstormsecurity.com
apps called keyboard keystrokes +6
Ubuntu Security Notice USN-6754-1 1 day, 6 hours ago | packetstormsecurity.com
attacker denial of service http implementation +11
Ubuntu Security Notice USN-6753-1 1 day, 6 hours ago | packetstormsecurity.com
attacker configuration cryptographic default +14
Debian Security Advisory 5674-1 1 day, 6 hours ago | packetstormsecurity.com
advisory debian debian linux security denial of service +9
Ubuntu Security Notice USN-6751-1 1 day, 6 hours ago | packetstormsecurity.com
attacker attacks cross-site data +11
Ubuntu Security Notice USN-6752-1 1 day, 6 hours ago | packetstormsecurity.com
attacker crash denial of service issue +10
Red Hat Security Advisory 2024-2066-03 1 day, 6 hours ago | packetstormsecurity.com
advisory enterprise linux red hat +5
Red Hat Security Advisory 2024-2064-03 1 day, 6 hours ago | packetstormsecurity.com
advisory enterprise linux red hat +5
Red Hat Security Advisory 2024-2063-03 1 day, 6 hours ago | packetstormsecurity.com
advisory buffer buffer overflow enterprise +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote Canada
View on infosec-jobs.com

Senior Application Security Engineer

@ Revinate | San Francisco Bay Area
View on infosec-jobs.com

Cyber Security Manager

@ American Express Global Business Travel | United States - New York - Virtual Location
View on infosec-jobs.com

Incident Responder Intern

@ Bentley Systems | Remote, PA, US
View on infosec-jobs.com

SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com
View more jobs