Rewterz Threat Alert – Mirai Botnet – Active IOCs
August 18, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
August 18, 2022Rewterz Threat Alert – Mirai Botnet – Active IOCs
August 18, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
August 18, 2022Severity
Medium
Analysis Summary
CVE-2022-2759
Delta Industrial Automation DRAS is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser. By using specially-crafted XML content in the configuration file, a local attacker could exploit this vulnerability to view sensitive documents and information on the affected host.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-2759
Affected Vendors
Delta
Affected Products
- Delta Industrial Automation DRAS 1.13.19
- Delta Industrial Automation DRAS 1.13.18
Remediation
Upgrade to the latest version of Delta Industrial Automation DRAS, available from the Delta Industrial Automation Website.