Remote Code Execution Vulnerability in Delta Electronics DIAScreen
CVE-2025-59298

6.8MEDIUM

Key Information:

Vendor: Delta Electronics
Status: Diascreen
Vendor: CVE Published:; 3 October 2025

🔔 Create Delta Electronics Vulnerability Alert

What is CVE-2025-59298?

The DIAScreen product by Delta Electronics lacks adequate validation of user-supplied files. This insufficiency may allow attackers to exploit the vulnerability; when a malicious file is opened, it can lead to the execution of arbitrary code within the context of the running process, posing a significant security risk.

Affected Version(s)

DIAScreen Windows 0 < 1.6.1

References

https://filecenter.deltaww.com/news/download/doc/Delta-PC...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2025
Vulnerability Reserved
Sep 12, 2025

Credit

Natnael Samson working with Trend Micro Zero Day Initiative

Kevin Harwood of CISA

JSON