Buffer Overflow Vulnerability in Delta Electronics Automation Software
CVE-2018-5476

7.8HIGH

Key Information:

Vendor: Deltaww
Status: Delta Electronics Delta Industrial Automation Dopsoft
Vendor: CVE Published:; 15 March 2018

What is CVE-2018-5476?

A stack-based buffer overflow vulnerability has been identified in Delta Electronics Delta Industrial Automation DOPSoft, specifically in versions 4.00.01 and earlier. This vulnerability arises from the improper handling of specially crafted .dop or .dpb files, enabling attackers to potentially execute arbitrary code remotely. Addressing this issue is critical for maintaining the security of industrial automation systems.

Affected Version(s)

Delta Electronics Delta Industrial Automation DOPSoft Delta Electronics Delta Industrial Automation DOPSoft

References

http://www.securityfocus.com/bid/103195

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-18-060-03

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 15, 2018
Vulnerability Reserved
Jan 12, 2018

CVE-2018-5476 Data

JSON

Deltaww

What is CVE-2018-5476?

Affected Version(s)

References

CVSS V3.1

Timeline