Buffer Overflow Vulnerability in Delta Electronics DOPSoft Software
CVE-2021-33019

7.8HIGH

Key Information:

Vendor

Deltaww

Status
Delta Electronics Dopsoft
Vendor
CVE Published:
30 August 2021

What is CVE-2021-33019?

Delta Electronics DOPSoft software is vulnerable to a stack-based buffer overflow attack. Exploiting this vulnerability involves processing a specially crafted project file, which potentially enables an attacker to execute arbitrary code on the affected system. Users of DOPSoft Version 4.00.11 and earlier should evaluate their exposure and consider applying necessary updates or mitigations to safeguard against this risk.

Affected Version(s)

Delta Electronics DOPSoft DOPSoft Version 4.00.11 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-04
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-1059/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.