CVE-2023-1138 – Delta Electronics InfraSuite Device Master vers... (How to Fix)

Q: What is the severity of CVE-2023-1138?

CVE-2023-1138 has a CVSS score of 7.5 (HIGH). Delta Electronics InfraSuite Device Master versions before 1.0.5 have an improper access control vulnerability that allows attackers to retrieve Gateway configuration files containing plaintext credentials. This affects industrial control systems using these versions for device management. Attackers could gain unauthorized access to sensitive infrastructure.

📋 TL;DR

Delta Electronics InfraSuite Device Master versions before 1.0.5 have an improper access control vulnerability that allows attackers to retrieve Gateway configuration files containing plaintext credentials. This affects industrial control systems using these versions for device management. Attackers could gain unauthorized access to sensitive infrastructure.

💻 Affected Systems

Products:

Delta Electronics InfraSuite Device Master

Versions: All versions prior to 1.0.5

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Affects industrial control systems using this software for device management and monitoring.

📦 What is this software?

Infrasuite Device Master by Deltaww

View all CVEs affecting Infrasuite Device Master →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers obtain administrative credentials, gain full control of industrial devices, disrupt critical infrastructure operations, or cause physical damage.

🟠

Likely Case

Attackers steal credentials, access sensitive industrial systems, exfiltrate data, or maintain persistent access for future attacks.

🟢

If Mitigated

Limited to credential exposure without successful lateral movement if network segmentation and monitoring are in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Vulnerability involves improper access control allowing file retrieval without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.5

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02

Restart Required: Yes

Instructions:

1. Download version 1.0.5 from Delta Electronics. 2. Backup current configuration. 3. Install the update following vendor instructions. 4. Restart the Device Master service. 5. Verify successful update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate InfraSuite Device Master from untrusted networks and internet access.

Access Control Lists

all

Implement strict firewall rules to limit access to Device Master services.

🧯 If You Can't Patch

Implement network segmentation to isolate vulnerable systems
Monitor for unauthorized access attempts and file retrieval patterns

🔍 How to Verify

Check if Vulnerable:

Check Device Master version in application interface or installation directory. Versions below 1.0.5 are vulnerable.

Check Version:

Check application interface or installation properties for version number

Verify Fix Applied:

Confirm version is 1.0.5 or higher in application interface and test that configuration files cannot be accessed without proper authentication.

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to configuration files
Unusual file retrieval patterns from Device Master

Network Indicators:

Unexpected connections to Device Master ports
Traffic patterns indicating configuration file transfers

SIEM Query:

source="DeviceMaster" AND (event="FileAccess" OR event="UnauthorizedAccess")

📊 Metadata

CVE ID: CVE-2023-1138

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Published: March 27, 2023

Last Updated: November 21, 2024

🔗 References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 Third Party Advisory,US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON