CVE-2023-0444

Summary

A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'Administrator' group. This allows any lower privileged user to log in as an administrator.

Affected Software

VendorProductVersion RangeStatus
n/aDelta Electronics InfraSuite Device Master 00.00.02aDelta Electronics InfraSuite Device Master 00.00.02aaffected

Weaknesses

  • Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References