Diaview
CVE-2025-62581
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Delta Electronics DIAView has multiple vulnerabilities.
AnalysisAI
Delta Electronics DIAView uses hard-coded cryptographic keys, allowing attackers to forge authentication tokens, decrypt sensitive data, or bypass security controls entirely.
Technical ContextAI
Delta DIAView uses a CWE-321 hard-coded cryptographic key embedded in the application. Any attacker who extracts or discovers this key can forge session tokens, decrypt stored credentials, or bypass encryption-based security controls.
RemediationAI
Apply Delta Electronics patches. Monitor for unauthorized access to DIAView. Consider additional network segmentation for ICS systems.
Unauthenticated remote database access in Delta Electronics DIAView allows network-based attackers to reach configured p
Delta Electronics DIAView has a missing authentication vulnerability that allows remote attackers to access critical fun
Delta Electronics DIAView has Command Injection vulnerability. [CVSS 7.8 HIGH]
Same weakness CWE-321 – Use of Hard-coded Cryptographic Key
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today