CVE-2024-10456 – Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data

https://notcve.org/view.php?id=CVE-2024-10456

30 Oct 2024 — Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication. Las versiones de Delta Electronics InfraSuite Device Master anteriores a 1.0.12 se ven afectadas por una vulnerabilidad de deserialización que afecta a Device-Gateway, lo que podría permitir la deserialización de objetos .NET arbitrarios antes de la autenticación. This vulnerab... • https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-03 • CWE-502: Deserialization of Untrusted Data •