Delta Electronics CNCSoft-G2 DOPSoft DPAX

April 30, 2024, 2:55 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

View CSAF

1. EXECUTIVE SUMMARY

CVSS v4 8.5

ATTENTION: Low attack complexity

Vendor: Delta Electronics

Equipment: CNCSoft-G2 DOPSoft

Vulnerability: Stack-based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Delta Electronics CNCSoft-G2, a Human-Machine Interface (HMI) software, are affected:

CNCSoft-G2: Versions 2.0.0.5 (with DOPSoft v5.0.0.93) and prior

3.2 Vulnerability Overview

3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121

Delta Electronics …

arbitrary code attack attacker attention buffer buffer overflow code complexity csaf cvss delta delta electronics dopsoft electronics equipment evaluation executive exploitation hmi human interface low machine overflow products risk stack technical technical details vendor vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 7 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 18 hours ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 22 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 22 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 22 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 22 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 1 day ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 1 day, 1 hour ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 2 hours ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France

View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom

View on infosec-jobs.com

all InfoSec news

Delta Electronics CNCSoft-G2 DOPSoft DPAX

1. EXECUTIVE SUMMARY

2. RISK EVALUATION

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

3.2 Vulnerability Overview

3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Jobs in InfoSec / Cybersecurity

Information Security Engineers

Technology Security Analyst

Senior Cyber Security Analyst

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

Infrastructure Consultant