CVE-2023-5459

Delta Electronics DVP32ES2 PLC Password Transmission denial of service

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Una vulnerabilidad ha sido encontrada en Delta Electronics DVP32ES2 PLC 1.48 y clasificada como crítica. Esta vulnerabilidad afecta a un código desconocido del componente Password Transmission Handler. La manipulación conduce a la denegación del servicio. El exploit ha sido divulgado al público y puede utilizarse. VDB-241582 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.

In Delta Electronics DVP32ES2 PLC 1.48 wurde eine kritische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Komponente Password Transmission Handler. Dank der Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-09 CVE Reserved
2023-10-09 CVE Published
2024-09-19 CVE Updated
2024-11-10 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-404: Improper Resource Shutdown or Release

CAPEC

References (1)

URL	Tag	Source
https://vuldb.com/?id.241582	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Deltaww Search vendor "Deltaww"	Dvp32es200r Firmware Search vendor "Deltaww" for product "Dvp32es200r Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200r Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200r Search vendor "Deltaww" for product "Dvp32es200r"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es200t Firmware Search vendor "Deltaww" for product "Dvp32es200t Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200t Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200t Search vendor "Deltaww" for product "Dvp32es200t"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es211t Firmware Search vendor "Deltaww" for product "Dvp32es211t Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es211t Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es211t Search vendor "Deltaww" for product "Dvp32es211t"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es200rc Firmware Search vendor "Deltaww" for product "Dvp32es200rc Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200rc Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200rc Search vendor "Deltaww" for product "Dvp32es200rc"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es200tc Firmware Search vendor "Deltaww" for product "Dvp32es200tc Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200tc Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200tc Search vendor "Deltaww" for product "Dvp32es200tc"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es200re Firmware Search vendor "Deltaww" for product "Dvp32es200re Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200re Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200re Search vendor "Deltaww" for product "Dvp32es200re"	-	-	Safe
Deltaww Search vendor "Deltaww"	Dvp32es200te Firmware Search vendor "Deltaww" for product "Dvp32es200te Firmware"	1.48 Search vendor "Deltaww" for product "Dvp32es200te Firmware" and version "1.48"	-	Affected	in	Deltaww Search vendor "Deltaww"	Dvp32es200te Search vendor "Deltaww" for product "Dvp32es200te"	-	-	Safe