VYPR

Delta Industrial Automation DOPSoft

by Delta Electronics

CVEs (15)

  • CVE-2022-2660CriDec 13, 2022
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.

  • CVE-2018-10623CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory…

  • CVE-2018-10621CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or…

  • CVE-2018-10617CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or…

  • CVE-2023-43823HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve…

  • CVE-2023-43822HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2023-43820HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2018-17929HigOct 11, 2018
    risk 0.51cvss 7.8epss 0.02

    In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and…

  • CVE-2018-17927HigOct 11, 2018
    risk 0.51cvss 7.8epss 0.02

    In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer…

  • CVE-2018-5476HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.02

    A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute…

  • CVE-2017-16751HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.02

    A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dpb files may allow an attacker to remotely execute…

  • CVE-2017-16749HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.01

    A Use-after-Free issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files could exploit a use-after-free vulnerability.

  • CVE-2017-16747HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.01

    An Out-of-bounds Write issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files may cause the system to write outside the intended buffer area.

  • CVE-2017-16745HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.01

    A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing…

  • CVE-2018-14824MedSep 27, 2018
    risk 0.42cvss 6.5epss 0.02

    Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior has an out-of-bounds read vulnerability that can be executed when processing project files, which may allow an attacker to read confidential information.