COMMGR2
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-10594 | Cri | 0.72 | 9.8 | 0.69 | Jun 26, 2018 | Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network… | ||
| CVE-2025-3495 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2025 | Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code. | ||
| CVE-2025-53418 | Hig | 0.56 | 8.6 | 0.00 | Aug 26, 2025 | Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability. | ||
| CVE-2025-53419 | Hig | 0.51 | 7.8 | 0.00 | Aug 26, 2025 | Delta Electronics COMMGR has Code Injection vulnerability. | ||
| CVE-2026-3631 | 0.00 | — | 0.01 | Mar 9, 2026 | Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. | |||
| CVE-2026-3630 | 0.00 | — | 0.01 | Mar 9, 2026 | Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability. |
- risk 0.72cvss 9.8epss 0.69
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network…
- risk 0.64cvss 9.8epss 0.01
Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.
- risk 0.56cvss 8.6epss 0.00
Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.
- risk 0.51cvss 7.8epss 0.00
Delta Electronics COMMGR has Code Injection vulnerability.
- CVE-2026-3631Mar 9, 2026risk 0.00cvss —epss 0.01
Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability.
- CVE-2026-3630Mar 9, 2026risk 0.00cvss —epss 0.01
Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.