Buffer Overflow Vulnerability in Delta Electronics ISPSoft Application
CVE-2018-14800

7.8HIGH

Key Information:

Vendor: Delta Electronics
Status: Ispsoft
Vendor: CVE Published:; 3 October 2018

Summary

A vulnerability in Delta Electronics ISPSoft versions 3.0.5 and earlier permits attackers to exploit a buffer overflow by opening a specially crafted file. This flaw can lead to the application reading beyond its allocated memory, potentially enabling arbitrary code execution in the context of the application. Organizations using affected versions are advised to apply necessary patches and enforce security measures to mitigate associated risks.

Affected Version(s)

ISPSoft Version 3.0.5 and prior

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01

x_refsource_MISC

http://www.securityfocus.com/bid/105485

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 3, 2018
Vulnerability Reserved
Aug 1, 2018