File Validation Flaw in Delta Electronics CNCSoft Software
CVE-2025-47724

7.3HIGH

Key Information:

Vendor

Delta Electronics
Status
Cncsoft
Vendor
CVE Published:
4 June 2025

What is CVE-2025-47724?

Delta Electronics' CNCSoft software contains a significant flaw due to inadequate validation of files supplied by users. When a malicious file is opened, it allows an attacker to execute arbitrary code within the context of the current process, posing serious security risks to users. This loophole can be exploited if proper precautions and security measures are not followed.

Affected Version(s)

CNCSoft Windows 0

References

https://filecenter.deltaww.com/news/download/doc/Delta-PC...

CVSS V4

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.