Buffer Overflow Vulnerability in Delta Industrial Automation CNCSoft ScreenEditor
CVE-2020-16199

7.8HIGH

Key Information:

Vendor

Deltaww

Status
Delta Industrial Automation Cncsoft Screeneditor
Vendor
CVE Published:
4 August 2020

What is CVE-2020-16199?

The Delta Industrial Automation CNCSoft ScreenEditor is prone to multiple stack-based buffer overflow vulnerabilities due to improper handling of specially crafted project files. An attacker can exploit these vulnerabilities to read or modify sensitive information, execute arbitrary code, or cause the application to crash. Versions 1.01.23 and earlier are especially vulnerable, necessitating immediate attention from users to safeguard their systems.

Affected Version(s)

Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.23 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-217-01
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-940/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-939/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.