ICS Delta Industrial Automation DIAEnergie GetDIAE_slogListParameters SQL Injection (CVE-2024-23975)

Rule ID

1234797

Severity

High

Description

An SQL injection vulnerability has been reported for Delta Industrial Automation DIAEnergie. This vulnerability is due to improper input validation in the GetDIAE_slogListParameters component.

Impact

SQL injection

Recommendation

Update vendor's patch.

IPS Category

ICS threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2024-23975

ICSA-24-074-12

T1190

T0819

Keywords

N/A

Date Created

2024/04/22

Last Updated

2026/01/15