CVE-2023-30765

HIGH

Deltaww Infrasuite Device Master - Improper Privilege Management

Title source: rule

Description

Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.

Exploits (1)

nomisec WORKING POC

by 0xfml · poc

https://github.com/0xfml/CVE-2023-30765

View Code ZIP pw:eip

References (1)

Core 1

Core References

Mitigation, Patch, Third Party Advisory, US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01

Scores

CVSS v3 8.8

EPSS 0.0089

EPSS Percentile 75.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (1)

deltaww/infrasuite_device_master < 1.0.7

Published Jul 10, 2023

Tracked Since Feb 18, 2026