Stack Buffer Overflow in Delta Electronics Delta Industrial Automation DOPSoft
CVE-2018-10621

9.8CRITICAL

Key Information:

Vendor: Delta Electronics
Status: Delta Industrial Automation Dopsoft
Vendor: CVE Published:; 18 June 2018

Summary

Delta Electronics Delta Industrial Automation DOPSoft versions 4.00.04 and earlier are susceptible to a stack buffer overflow vulnerability. This occurs when a .dpa file contains a value larger than the allocated buffer size, potentially leading to the overwriting of the buffer. The exploitation of this vulnerability can result in application crashes or unauthorized remote code execution, posing significant risks to users.

Affected Version(s)

Delta Industrial Automation DOPSoft Version 4.00.04 and prior.

References

http://www.securityfocus.com/bid/104375

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 18, 2018
Vulnerability Reserved
May 1, 2018