Rewterz Threat Advisory – CVE-2022-39406 – Oracle PeopleSoft Enterprise Common Vulnerability
November 7, 2022Rewterz Threat Alert – An Emerging Heodo Malware – Active IOCs
November 8, 2022Rewterz Threat Advisory – CVE-2022-39406 – Oracle PeopleSoft Enterprise Common Vulnerability
November 7, 2022Rewterz Threat Alert – An Emerging Heodo Malware – Active IOCs
November 8, 2022Severity
High
Analysis Summary
CVE-2022-43775
Delta Electronics DIAEnergie is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the HICT_Loop class using the hier_id, egy_id, or kid URL parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
Impact
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2022-43775
Affected Vendors
Delta Electronics
Affected Products
Delta Electronics DIAEnergie 1.9
Remediation
Refer to Delta Electronics Website for patch, upgrade or suggested workaround information.