Buffer Overflow Vulnerability in Delta Electronics ISPSoft Application
CVE-2018-14800

7.8HIGH

Key Information:

Vendor

Delta Electronics
Status
Ispsoft
Vendor
CVE Published:
3 October 2018

What is CVE-2018-14800?

A vulnerability in Delta Electronics ISPSoft versions 3.0.5 and earlier permits attackers to exploit a buffer overflow by opening a specially crafted file. This flaw can lead to the application reading beyond its allocated memory, potentially enabling arbitrary code execution in the context of the application. Organizations using affected versions are advised to apply necessary patches and enforce security measures to mitigate associated risks.

Affected Version(s)

ISPSoft Version 3.0.5 and prior

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01
x_refsource_MISC
http://www.securityfocus.com/bid/105485
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.