Login Sign Up

CVE-2022-25347

9.8 CRITICAL
Path Traversal

📋 TL;DR

Delta Electronics DIAEnergie versions prior to 1.8.02.004 are vulnerable to path traversal attacks, allowing attackers to write arbitrary files to the file system. This affects all users of DIAEnergie software in vulnerable versions, potentially compromising system integrity and enabling further attacks.

💻 Affected Systems

Products:
  • Delta Electronics DIAEnergie
Versions: All versions prior to 1.8.02.004
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: This vulnerability is present in default configurations of the software.

📦 What is this software?

Diaenergie by Deltaww

View all CVEs affecting Diaenergie →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could write malicious files to critical system locations, leading to remote code execution, data theft, or complete system compromise.

🟠

Likely Case

Attackers may exploit this to deploy malware, modify configurations, or disrupt operations by overwriting essential files.

🟢

If Mitigated

With proper network segmentation and access controls, impact may be limited to isolated systems, reducing the risk of widespread damage.

🌐 Internet-Facing: HIGH, as internet-exposed instances are directly accessible to attackers, increasing the likelihood of exploitation.
🏢 Internal Only: MEDIUM, as internal systems could still be targeted via phishing or compromised internal accounts, but require initial access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is likely straightforward due to the nature of path traversal vulnerabilities, but no public proof-of-concept has been confirmed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.02.004

Vendor Advisory: https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01

Restart Required: Yes

Instructions:

1. Download the patch from Delta Electronics. 2. Backup current configuration and data. 3. Install the update to version 1.8.02.004. 4. Restart the system to apply changes.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to DIAEnergie systems to trusted internal networks only.

File System Permissions

windows

Set strict file permissions to limit write access to critical directories.

icacls C:\Program Files\DIAEnergie /deny Everyone:(W)

🧯 If You Can't Patch

  • Implement strict network access controls to isolate vulnerable systems from untrusted networks.
  • Monitor file system changes and logs for suspicious write activities to detect exploitation attempts.

🔍 How to Verify

Check if Vulnerable:

Check the software version in the DIAEnergie interface or configuration files; if it is below 1.8.02.004, it is vulnerable.

Check Version:

Check the version in the DIAEnergie application settings or run a command specific to the installation, such as checking registry entries on Windows.

Verify Fix Applied:

After patching, confirm the version is 1.8.02.004 or higher via the software interface or version check command.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file write operations in system logs
  • Access attempts to sensitive directories

Network Indicators:

  • Unexpected HTTP requests with path traversal patterns (e.g., '../' sequences)

SIEM Query:

source="DIAEnergie_logs" AND (event="file_write" AND path="*../*")

📊 Metadata

CVE ID: CVE-2022-25347
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-37
Published: March 29, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-25347, you might also want to check these:

CVE-2024-12806 4.9

This post-authentication absolute path traversal vulnerability in SonicOS management interfaces allo...

Same vulnerability type (CWE-37)