Out-of-Bounds Read Vulnerabilities in Delta Industrial Automation CNCSoft ScreenEditor
CVE-2020-16201

3.3LOW

Key Information:

Vendor

Deltaww

Status
Delta Industrial Automation Cncsoft Screeneditor
Vendor
CVE Published:
4 August 2020

What is CVE-2020-16201?

Delta Industrial Automation's CNCSoft ScreenEditor is affected by multiple out-of-bounds read vulnerabilities that can be triggered by processing specially crafted project files. These vulnerabilities could enable an attacker to read sensitive information from the system, potentially leading to data leakage and further security risks. It is essential for users of impacted versions to address this security issue promptly.

Affected Version(s)

Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.23 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-217-01
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-944/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-941/
x_refsource_MISC

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.