Unauthenticated Administrative User Addition Vulnerability in Delta Electronics DIAEnergie Version 1.7.5 and Prior

CVE-2021-32967 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges.

Learn more about our User Device Pen Test.