Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities

Critical vulnerabilities in a Delta Electronics operational technology monitoring product can allow hackers to hide destructive activities from the targeted organization's employees.
The affected product is Delta's InfraSuite Device Master and the existence of the vulnerabilities came to light in late November, when advisories were published by the US cybersecurity agency CISA and Trend Micro's Zero Day Initiative, which coordinated the disclosure on behalf of researchers Piotr Bazydlo and Nguyen Dinh Hoang.
InfraSuite Device Master is described by the vendor as a data center facility monitoring software that enables real-time monitoring of critical devices, including power and cooling systems, building sensors, and industrial control systems such as programmable logic controllers and power meters.
Four types of vulnerabilities have been identified, including two that have been assigned a 'critical severity' rating.
The critical flaws can be exploited by a remote, unauthenticated attacker to execute arbitrary code on the targeted system.
The other two security holes, rated 'high severity', can be exploited for remote code execution and to obtain sensitive information, such as plaintext credentials.
ZDI's Dustin Childs told SecurityWeek that one of the critical vulnerabilities, tracked as CVE-2023-47207, can be exploited from the internet if the system is accessible from the web.
In a real world environment, Childs said, an attacker could exploit the vulnerabilities to compromise InfraSuite Device Master and hide potentially important alerts from the operator.
If the attacker uses other exploits to target an OT system within the victim's environment in an attempt to cause disruption or damage, they could also hack the Delta monitoring product to hide messages indicating a problem with the OT system.
Childs said a perfect example of such an attack in the real world is Stuxnet, in which malware was designed to cause damage to ICS associated with centrifuges at the Natanz nuclear facility in Iran, while also attempting to hide the manipulation of centrifuge behavior.
Delta Electronics product vulnerabilities have reportedly been targeted by malicious actors.

This Cyber News was published on www.securityweek.com. Publication date: Mon, 11 Dec 2023 13:28:05 +0000

Cyber News related to Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities

Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities - Critical vulnerabilities in a Delta Electronics operational technology monitoring product can allow hackers to hide destructive activities from the targeted organization's employees. The affected product is Delta's InfraSuite Device Master and the ...
1 year ago Securityweek.com

Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
1 year ago Feeds.dzone.com

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com

Addressing Bias in Insider Risk Monitoring - Enterprises often take similar steps to protect data from internal and outside threats, where teams analyze activities to identify potential risks. Security operations centers defending against these threats must look at employees, partners, and ...
11 months ago Cyberdefensemagazine.com

Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
2 years ago Securityaffairs.com

Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com

North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media

Monitoring Your Files for Security and Compliance | Tripwire - This may seem like a heck of a statement, but when you are monitoring against a cryptographic value or other attributes (including content), even the slightest deviation is a valid change & that change is detected and processed according to local ...
4 months ago Tripwire.com

How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com

How Russian Hackers Attack Samsung Devices – A Comprehensive Guide - Samsung devices have become all the rage around the globe. Unfortunately, their popularity also attracts the attention of hackers and other cybercriminals who take advantage of them to spread their malicious codes and conduct their illegal ...
2 years ago Heimdalsecurity.com

Hijacking Your Bandwidth How Proxyware Apps Open You Up to Risk - Is this true? To examine and understand the kind of risks a potential user might be exposed to by joining such programs, we recorded and analyzed network traffic from a large number of exit nodes of several different network bandwidth sharing ...
1 year ago Trendmicro.com

Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
1 year ago Bleepingcomputer.com

Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
11 months ago Cysecurity.news

Hackers pose as British postal carrier to deliver Prince ransomware in destructive campaign - “Based on the lack of a link to determine which user has paid to have their files decrypted, and which infected computer belongs to the user who paid, paired with the lack of communication instructions, this appears to be a destructive attack, with ...
4 months ago Therecord.media

Hive Ransomware Infrastructure Seized by Police - Breaking News - Police have recently seized the entire infrastructure of the Hive ransomware by arresting a group of criminals in Europe. This ransomware is believed to be the root cause of many cyber-attacks taking place across the globe. This significant seizure ...
2 years ago Thehackernews.com

MongoDB issues weekend warning of breach The Register - Critical vulnerabilities: The not-patch-Tuesday list. As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases. CVSS 9.8 - So many CVEs: Siemens SIMATIC S7-1500 CPU ...
1 year ago Go.theregister.com

Cybersecurity for Homeschooling Parents: A Guide - With the increased reliance on technology and online tools, homeschooling parents must also address the pressing issue of cybersecurity. Whether it's securing tech tools, teaching safe online practices, or accessing valuable resources, this guide ...
1 year ago Securityzap.com

Emulating the Sabotage-Focused Russian Adversary Sandworm- Part 2 - Adversary Emulation PublishedJuly 3, 2024 AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the highly sophisticated Russian adversary Sandworm during various destructive activities against targets in Ukraine and ...
6 months ago Securityboulevard.com

Threat Groups Rush to Exploit JetBrains' TeamCity CI/CD Security Flaws - The cyberthreats to users of JetBrains' TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for ...
10 months ago Securityboulevard.com

Role of Parents in Teaching Online Safety - In today's digital landscape, where children are increasingly exposed to the vast world of the internet, the role of parents in teaching online safety has become paramount. Parents should have regular conversations with their kids about the ...
1 year ago Securityzap.com

Delta Electronics InfraSuite Device Master - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and obtain plaintext credentials. In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows ...
1 year ago Cisa.gov

Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
7 months ago Securityweek.com

Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
1 year ago Bleepingcomputer.com

Latest Cyber News

CVE-2025-0974 - 13 hours ago
CVE-2025-0973 - 14 hours ago
CVE-2025-0972 - 15 hours ago
CVE-2025-0971 - 15 hours ago
CVE-2025-0970 - 16 hours ago
CVE-2025-0967 - 23 hours ago
CVE-2025-0961 - 1 day ago
CVE-2025-0950 - 1 day ago
CVE-2025-0949 - 1 day ago
CVE-2025-0948 - 1 day ago
CVE-2025-0947 - 1 day ago
CVE-2025-0946 - 1 day ago
CVE-2025-0945 - 2 days ago
CVE-2025-0944 - 2 days ago
CVE-2024-13775 - 2 days ago
CVE-2024-13612 - 2 days ago
CVE-2025-0943 - 2 days ago
CVE-2024-13429 - 2 days ago
CVE-2024-13372 - 2 days ago
CVE-2024-13425 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-0967 - 23 hours ago
CVE-2025-0970 - 16 hours ago
CVE-2025-0971 - 15 hours ago
CVE-2025-0972 - 15 hours ago
CVE-2025-0973 - 14 hours ago
CVE-2025-0974 - 13 hours ago
CVE-2024-11780 - 2 days ago
CVE-2024-12171 - 2 days ago
CVE-2024-12184 - 2 days ago
CVE-2024-12620 - 2 days ago
CVE-2024-13343 - 2 days ago
CVE-2024-13547 - 2 days ago
CVE-2024-13651 - 2 days ago
CVE-2024-51534 - 2 days ago
CVE-2024-53296 - 2 days ago
CVE-2024-53295 - 2 days ago
CVE-2024-12041 - 2 days ago
CVE-2024-12768 - 2 days ago
CVE-2024-13096 - 2 days ago
CVE-2024-13097 - 2 days ago