
CVE-2022-4616

Severity: High · Type: RCE

Published: 13 January 2023
Modified: 21 November 2024
KEV Added: not listed
Patch: available
CVSS Score v3.1: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.3395 (97.1st percentile)
Risk Priority: 35 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-4616 is a high-severity Command Injection (CWE-77) vulnerability in Delta (deltaww) DX-3021L9 firmware. Its CVSS v3.1 base score is 7.2 (High).

Operationally, the CVE is ranked in the top 2.9% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

Deeper analysis

The vulnerability is a command injection flaw in the webserver component of Delta DX-3021 devices running firmware versions prior to 1.24. It resides in the network diagnosis page and is tracked under CWE-77, allowing manipulation of system commands through crafted input.

An unauthenticated remote attacker can exploit the issue over the network to add files, delete files, and alter file permissions on the affected device, resulting in high impact to confidentiality, integrity, and availability. Note that this unauthenticated description conflicts with the PR:H (high privileges required) component of the CVSS vector.

Vendor firmware updates addressing the flaw are available from the Delta download center, and CISA has published advisory ICSA-22-354-05 with additional guidance for affected industrial control systems.

The associated EPSS score has remained flat at its current peak of 0.3395 with no material upward movement after disclosure.

EU & UK References

Vulnerability details

The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.

CWE(s)

CWE-77 (Command Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

deltaww dx-3021l9 firmware, version ≤ 1.24 (the vulnerability details above describe the affected range as versions prior to 1.24)

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References