CVE-2022-41779 Information

Description

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network packets without proper verification. If the device connects to an attacker-controlled server the attacker could send maliciously crafted packets that would be deserialized and executed leading to remote code execution.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07