Diaview
Monthly
Unauthenticated remote database access in Delta Electronics DIAView allows network-based attackers to reach configured project databases without credentials, bypassing the prior mitigation issued for CVE-2025-62582. The flaw carries a CVSS 9.8 rating with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis, but the original CVE it incompletely patches has known prior research from Tenable.
Delta Electronics DIAView has Command Injection vulnerability. [CVSS 7.8 HIGH]
Delta Electronics DIAView has a missing authentication vulnerability that allows remote attackers to access critical functionality without credentials, potentially compromising SCADA monitoring.
Delta Electronics DIAView uses hard-coded cryptographic keys, allowing attackers to forge authentication tokens, decrypt sensitive data, or bypass security controls entirely.
Unauthenticated remote database access in Delta Electronics DIAView allows network-based attackers to reach configured project databases without credentials, bypassing the prior mitigation issued for CVE-2025-62582. The flaw carries a CVSS 9.8 rating with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis, but the original CVE it incompletely patches has known prior research from Tenable.
Delta Electronics DIAView has Command Injection vulnerability. [CVSS 7.8 HIGH]
Delta Electronics DIAView has a missing authentication vulnerability that allows remote attackers to access critical functionality without credentials, potentially compromising SCADA monitoring.
Delta Electronics DIAView uses hard-coded cryptographic keys, allowing attackers to forge authentication tokens, decrypt sensitive data, or bypass security controls entirely.