Delta Electronics CNCSoft-G2
Summary
Delta Electronics CNCSoft-G2 versions prior to V2.1.0.39 are vulnerable to an Out-of-Bounds Write due to improper parsing of DPAX files within the DOPSoft component. Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution on affected devices.
IFF Assessment
This vulnerability allows for remote code execution, posing a significant threat to operational technology (OT) environments.
Severity
Defender Context
This alert highlights a critical vulnerability in industrial control systems, specifically within Delta Electronics CNCSoft-G2. Defenders in the Critical Manufacturing sector and beyond should prioritize patching or implementing mitigations for affected versions to prevent potential remote code execution. Organizations must be vigilant about updates and security advisories for OT components, as these are often targeted for disruptive attacks.