CVE-2023-1135 – This vulnerability in Delta Electronics InfraSu... (How to Fix)

Q: What is the severity of CVE-2023-1135?

CVE-2023-1135 has a CVSS score of 7.8 (HIGH). This vulnerability in Delta Electronics InfraSuite Device Master allows attackers to set incorrect directory permissions, potentially leading to local privilege escalation. Systems running InfraSuite Device Master versions before 1.0.5 are affected, primarily in industrial control environments.

📋 TL;DR

This vulnerability in Delta Electronics InfraSuite Device Master allows attackers to set incorrect directory permissions, potentially leading to local privilege escalation. Systems running InfraSuite Device Master versions before 1.0.5 are affected, primarily in industrial control environments.

💻 Affected Systems

Products:

Delta Electronics InfraSuite Device Master

Versions: All versions prior to 1.0.5

Operating Systems: Windows (typically used in ICS environments)

Default Config Vulnerable: ⚠️ Yes

Notes: Industrial control systems using InfraSuite Device Master for device management

📦 What is this software?

Infrasuite Device Master by Deltaww

View all CVEs affecting Infrasuite Device Master →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker gains full system control through privilege escalation, potentially compromising the entire industrial control system.

🟠

Likely Case

Local attacker elevates privileges to execute arbitrary code, modify system configurations, or access sensitive data.

🟢

If Mitigated

Limited impact with proper access controls, network segmentation, and monitoring in place.

🌐 Internet-Facing: LOW (requires local access to exploit)

🏢 Internal Only: HIGH (local attackers or compromised accounts can exploit this vulnerability)

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Requires local access to the system; directory permission manipulation is typically straightforward for attackers with initial access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.5

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02

Restart Required: Yes

Instructions:

1. Download InfraSuite Device Master version 1.0.5 from Delta Electronics. 2. Backup current configuration. 3. Install the update following vendor instructions. 4. Restart the system. 5. Verify proper operation.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit local access to InfraSuite Device Master systems to authorized personnel only

Harden Directory Permissions

windows

Manually review and secure directory permissions on the system

icacls "C:\Program Files\Delta Electronics\InfraSuite\" /inheritance:r /grant:r "Administrators:(OI)(CI)F" /grant:r "SYSTEM:(OI)(CI)F"
icacls "C:\ProgramData\Delta Electronics\InfraSuite\" /inheritance:r /grant:r "Administrators:(OI)(CI)F" /grant:r "SYSTEM:(OI)(CI)F"

🧯 If You Can't Patch

Implement strict access controls and monitor for unauthorized local access attempts
Segment the network to isolate InfraSuite Device Master systems from general network traffic

🔍 How to Verify

Check if Vulnerable:

Check the installed version of InfraSuite Device Master in Control Panel > Programs and Features or via the application interface

Check Version:

wmic product where "name like 'InfraSuite Device Master%'" get version

Verify Fix Applied:

Verify version is 1.0.5 or later and test directory permissions cannot be modified by non-administrative users

📡 Detection & Monitoring

Log Indicators:

Failed or successful privilege escalation attempts
Unauthorized directory permission changes
Unusual local account activity

Network Indicators:

Unusual local network traffic from InfraSuite systems

SIEM Query:

EventID=4672 OR EventID=4688 OR EventID=4704 AND (ProcessName contains 'InfraSuite' OR TargetObject contains 'Delta Electronics')

📊 Metadata

CVE ID: CVE-2023-1135

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-732

Published: March 27, 2023

Last Updated: November 21, 2024

🔗 References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 Third Party Advisory,US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-1135, you might also want to check these: