CVE-2021-38422

Summary

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.

Affected Software

VendorProductVersion RangeStatus
Delta ElectronicsDIALinkAll <= 1.2.4.0affected

Weaknesses

  • CWE-312: CWE-312 Cleartext Storage of Sensitive Information

Workarounds

Delta Electronics is aware of the vulnerabilities and is currently working on an update.

ADP Enrichment

CVE Program Container

Additional References

References