Buffer Overflow Vulnerability in Delta Electronics CNCSoft-G2 Software
CVE-2025-22881

8.4HIGH

Key Information:

Vendor: Delta Electronics
Status: Cncsoft-g2
Vendor: CVE Published:; 26 February 2025

Summary

Delta Electronics CNCSoft-G2 is susceptible to a heap-based buffer overflow due to inadequate validation of user-supplied data length. This flaw allows attackers to craft malicious content that, when accessed by a user, can lead to arbitrary code execution within the application's current process. It is essential for users to apply security updates and follow best practices to mitigate risk.

Affected Version(s)

CNCSoft-G2 Windows 0 <= 2.1.0.10

References

https://filecenter.deltaww.com/news/download/doc/Delta-PC...

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Jan 9, 2025