The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2021-10-21T00:00:00
Updated: 2021-11-03T19:05:22
Reserved: 2021-08-10T00:00:00
Link: CVE-2021-38424
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-03T20:15:08.827
Modified: 2021-11-05T16:21:45.980
Link: CVE-2021-38424
JSON object: View
Redhat Information
No data.
CWE