CVE-2022-3214 Information

Description

Delta Industrial Automation’s DIAEnergy an industrial energy management system is vulnerable to CWE-798 Use of Hard-coded Credentials. Version 1.8.0 and prior have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization allowing remote code execution.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-03