Critical severity9.8NVD Advisory· Published Oct 31, 2022· Updated Jun 17, 2026
CVE-2022-38142
CVE-2022-38142
Description
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization.
Affected products
2<=00.00.01a+ 1 more
- (no CPE)range: <=00.00.01a
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- www.cisa.gov/uscert/ics/advisories/icsa-22-298-07nvdPatchThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.