Out-of-bounds Read Vulnerability in Delta Industrial Automation CNCSoft Software
CVE-2019-6547

5.5MEDIUM

Key Information:

Vendor: Ics-cert
Status: Delta Industrial Automation Cncsoft
Vendor: CVE Published:; 19 February 2019

What is CVE-2019-6547?

An out-of-bounds read vulnerability exists in Delta Industrial Automation's CNCSoft ScreenEditor, specifically in versions 1.00.84 and earlier. This issue arises from inadequate user input validation when processing project files, which may lead to unexpected software crashes and disruptions in operation. It is crucial for users of these affected versions to apply necessary updates and implement security best practices to mitigate potential risks.

Affected Version(s)

Delta Industrial Automation CNCSoft CNCSoft ScreenEditor Version 1.00.84 and prior.

References

http://www.securityfocus.com/bid/107086

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2019
Vulnerability Reserved
Jan 22, 2019

CVE-2019-6547 Data

JSON

Ics-cert

What is CVE-2019-6547?

Affected Version(s)

References

CVSS V3.1

Timeline