Delta Electronics Delta Industrial Automation DOPSoft DPS File wLogTitlesTimeLen Buffer Overflow Remote Code Execution

Vulnerability

A stack-based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. The affected product is end-of-life, and all versions are vulnerable. The vulnerability is triggered during the parsing of a specially crafted DPS file [1].

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by enticing a user to open a malicious DPS file. No special privileges or network access beyond delivering the file are required. The attacker crafts a DPS file with an oversized wLogTitlesTimeLen field, and upon the user opening the file in DOPSoft, the stack buffer overflow occurs [1].

Impact

Successful exploitation allows the attacker to achieve remote code execution in the context of the DOPSoft process. This can lead to full compromise of the affected system, including potential data exfiltration, installation of malware, or further lateral movement [1].

Mitigation

The affected product is end-of-life, and no patches are available. Users are advised to discontinue use of DOPSoft and migrate to supported alternatives. No workarounds are provided in the available references [1].