Delta Electronics Delta Industrial Automation DOPSoft DPS File wKPFStringLen Buffer Overflow Remote Code Execution
Description
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Delta DOPSoft v2 when parsing wKPFStringLen in DPS files allows remote code execution via crafted file.
Vulnerability
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. The affected product is end-of-life and no patches are available [1].
Exploitation
An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file. No authentication is required; the attacker only needs to deliver the malicious file to the victim (e.g., via email or download) and convince the user to open it with DOPSoft [1].
Impact
Successful exploitation allows the attacker to achieve remote code execution on the victim's machine, running with the privileges of the user who opened the file. This could lead to full compromise of the affected system [1].
Mitigation
No patch is available as the product is end-of-life. Users are advised to discontinue use of DOPSoft version 2 and migrate to a supported alternative. No workarounds have been published [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: 2.00.00.00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.