CVE-2021-32967

Summary

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges.

Affected Software

VendorProductVersion RangeStatus
n/aDelta Electronics DIAEnergieDIAEnergie Version 1.7.5 and prioraffected

Weaknesses

  • CWE-288: AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288

ADP Enrichment

CVE Program Container

Additional References

References