cbcvebase.
CVE-2023-30765
published 2023-07-10

CVE-2023-30765: ​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management…

PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.97%
77.9th percentile
​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.

Affected

2 ranges
VendorProductVersion rangeFixed in
delta_electronicsinfrasuite_device_master< v1.0.7v1.0.7
deltawwinfrasuite_device_master< 1.0.71.0.7

Detection & IOCsextracted from sources · hover to see the quote

  • Target product: Delta Electronics InfraSuite Device Master versions prior to 1.0.7 is vulnerable to improper privilege management (CVE-2023-30765); network-accessible exploitation with low complexity and low privilege required should be monitored for unauthorized privilege configuration changes.
  • CVE-2023-30765 is remotely exploitable with low attack complexity and only requires low privileges (CVSS AV:N/AC:L/PR:L/UI:N); monitor for anomalous privilege escalation or unexpected changes to privilege management configurations on InfraSuite Device Master instances.
  • ·No known public exploits specifically target this vulnerability at time of advisory publication; detection should focus on behavioral anomalies rather than known exploit signatures.
  • ·The advisory covers three CVEs (CVE-2023-34316, CVE-2023-30765, CVE-2023-34347) affecting the same product version range; ensure detections are scoped specifically to CVE-2023-30765 (improper privilege management) and not conflated with the file disclosure or deserialization issues.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.