Delta CVE-2022-25880 and Sophos CVE-2022-1040 Vulnerabilities

Parveen Bhandari | 12 Aug 2022

What is CVE-2022-25880?

Delta Electronics DIAEnergie Vulnerability

A vulnerability rated critical was found in Delta Electronics DIAEnergie. The flaw affects unspecified processing in the DIAE hierarchyHandler.ashx file: manipulating an unidentified input creates an SQL injection vulnerability, classified as CWE-89. It is recognized as having an impact on confidentiality, integrity, and availability. An attacker may be able to inject or modify existing SQL statements, affecting the application's interaction with the database.

The vulnerability was identified as ICSA-22-081-01 on March 30, 2022. Exploitation appears to be challenging. The attack can be launched remotely, and successful exploitation does not require any form of authentication.

CVE ID: CVE-2022-25880
Vulnerability name: Delta Electronics DIAEnergie
Vendor: deltaww
Product: DIAEnergie
Short description: The DIAE hierarchyHandler.ashx file in Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) contains a blind SQL injection vulnerability. An attacker can use this vulnerability to inject arbitrary SQL queries, retrieve and alter database contents, and run system commands.
Date added to the catalog: 29-03-2022
Severity (scale out of 10): 9.8 (Critical)
Impact: All versions of DIAEnergie prior to 1.8.02.004 are affected.
Remediation: Upgrade to version 1.8.02.004.
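As an added illustration of what a defender can do with web-server logs while the upgrade is rolled out (this is not code from the advisory or from Delta's product), the following Python snippet flags requests to the hierarchyHandler.ashx endpoint whose query string carries common SQL-injection indicators, including the time-delay technique characteristic of blind injection. The simplified IIS W3C-style log format, the sample lines, the IP addresses and the indicator list are all constructed for the example.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in a simplified IIS W3C layout (not real DIAEnergie logs):
# date time cs-method cs-uri-stem cs-uri-query sc-status c-ip
SAMPLE_LOG = """\
2022-03-30 10:01:02 GET /DIAE/hierarchyHandler.ashx id=1042 200 10.0.0.5
2022-03-30 10:01:09 GET /DIAE/hierarchyHandler.ashx id=1042'+WAITFOR+DELAY+'0:0:5'-- 200 198.51.100.7
2022-03-30 10:02:11 GET /DIAE/hierarchyHandler.ashx id=1%20AND%201=1 200 198.51.100.7
2022-03-30 10:03:00 GET /DIAE/login.aspx - 200 10.0.0.8
2022-03-30 10:03:30 POST /DIAE/hierarchyHandler.ashx id=17 200 10.0.0.5
"""

# Endpoint named in the advisory; the /DIAE/ prefix is an assumption about deployment paths.
HANDLER = "/DIAE/hierarchyHandler.ashx"

# Named indicators typical of SQL-injection probing (CWE-89). Order matters for the output.
SQLI_PATTERNS = [
    ("quote", re.compile(r"'")),                                  # breaks out of a string literal
    ("comment", re.compile(r"--|/\*")),                           # SQL comment sequences
    ("time_delay", re.compile(r"\bWAITFOR\s+DELAY\b", re.I)),     # T-SQL delay used in blind SQLi
    ("tautology", re.compile(r"\b(AND|OR)\s+\d+\s*=\s*\d+", re.I)),  # boolean-based probing
    ("union", re.compile(r"\bUNION\s+SELECT\b", re.I)),
]

def parse_line(line):
    """Split one log line into a record; returns None for malformed lines."""
    parts = line.split()
    if len(parts) != 7:
        return None
    date, time, method, stem, query, status, ip = parts
    return {"ts": f"{date} {time}", "method": method, "stem": stem,
            "query": unquote_plus(query) if query != "-" else "",  # decode %20 and + before matching
            "status": status, "ip": ip}

def find_sqli_attempts(log_text):
    """Return records for requests to the handler whose decoded query matches any indicator."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["stem"].lower() != HANDLER.lower():
            continue
        matched = [name for name, pat in SQLI_PATTERNS if pat.search(rec["query"])]
        if matched:
            hits.append({**rec, "indicators": matched})
    return hits

if __name__ == "__main__":
    for h in find_sqli_attempts(SAMPLE_LOG):
        print(h["ts"], h["ip"], h["query"], h["indicators"])
```

Real deployments should feed the parser the actual W3C field order from the IIS log header rather than this fixed layout.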

What is CVE-2022-1040?

Sophos Firewall Vulnerability

In the Web admin and User Portal of Sophos Firewall, an authentication bypass vulnerability allowing remote code execution was discovered and responsibly disclosed to Sophos. An external security researcher reported it through the Sophos bug bounty program, and the flaw has now been patched. Customers who have the "Allow automatic installation of hotfixes" feature enabled on their Sophos Firewall do not need to take any action; this feature is enabled by default.

This vulnerability has been used to target a small number of specific companies, primarily in the South Asia region, according to Sophos. Each of these organizations has been notified directly.

Sophos will provide more information as its investigation continues.

CVE ID: CVE-2022-1040
Vulnerability name: Sophos Firewall
Vendor: Sophos
Product: sfos
Short description: In Sophos Firewall versions v18.5 MR3 and older, an authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code.
Date added to the catalog: 2022-03-25
Severity (scale out of 10): 7.5 (High)
Impact: Sophos Firewall v18.5 MR3 [18.5.3] and older are affected.
Remediation: Customers can defend themselves against external attackers by making sure their User Portal and Webadmin are not exposed to the WAN. Following device access best practices, disable WAN access to the User Portal and Webadmin and instead use VPN and/or Sophos Central for remote access and management.

Conclusion

The Delta Electronics DIAEnergie vulnerability allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. The Sophos Firewall vulnerability is an authentication bypass in the User Portal and Webadmin that allows a remote attacker to execute code on Sophos Firewall v18.5 MR3 and older.