Delta Electronics DOPSoft Stack-based Buffer Overflow
CVE-2023-5944

7.8HIGH

Key Information:

Vendor: Delta Electronics
Status: DOPSoft
Vendor: CVE Published:; 4 December 2023

Summary

Delta Electronics DOPSoft contains a stack-based buffer overflow vulnerability that could potentially enable attackers to execute arbitrary code. This security flaw occurs when an attacker convinces a legitimate user to open a specially crafted file, leading to unauthorized actions within the system. Users should urgently apply the latest updates and implement security best practices to mitigate against this threat.

Affected Version(s)

DOPSoft All versions

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-3...

https://diastudio.deltaww.com/home/downloads?sec=download...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 4, 2023
Vulnerability Reserved
Nov 2, 2023

Credit

Natnael Samson working with Trend Micro Zero Day