DIAScreen
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5068 | Hig | 0.51 | 7.8 | 0.00 | Sep 21, 2023 | Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. This could allow an attacker to execute code in the context of the current process. | ||
| CVE-2023-0251 | Hig | 0.51 | 7.8 | 0.00 | Feb 8, 2023 | Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a buffer overflow through improper restrictions of operations within memory, which could allow an attacker to remotely execute arbitrary code. | ||
| CVE-2023-0250 | Hig | 0.51 | 7.8 | 0.02 | Feb 8, 2023 | Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | ||
| CVE-2023-0249 | Hig | 0.51 | 7.8 | 0.00 | Feb 8, 2023 | Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. | ||
| CVE-2021-32969 | Hig | 0.51 | 7.8 | 0.01 | May 24, 2022 | Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | ||
| CVE-2021-32965 | Hig | 0.51 | 7.8 | 0.01 | May 24, 2022 | Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | ||
| CVE-2025-59300 | 0.00 | — | 0.00 | Oct 3, 2025 | Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | |||
| CVE-2025-59299 | 0.00 | — | 0.00 | Oct 3, 2025 | Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | |||
| CVE-2025-59298 | 0.00 | — | 0.00 | Oct 3, 2025 | Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | |||
| CVE-2025-59297 | 0.00 | — | 0.00 | Oct 3, 2025 | Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | |||
| CVE-2024-39354 | 0.00 | — | 0.00 | Nov 11, 2024 | If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code. | |||
| CVE-2024-39605 | 0.00 | — | 0.03 | Nov 11, 2024 | If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code. | |||
| CVE-2024-47131 | 0.00 | — | 0.00 | Nov 11, 2024 | If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. | |||
| CVE-2024-7502 | 0.00 | — | 0.00 | Aug 6, 2024 | A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code. |
- risk 0.51cvss 7.8epss 0.00
Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. This could allow an attacker to execute code in the context of the current process.
- risk 0.51cvss 7.8epss 0.00
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a buffer overflow through improper restrictions of operations within memory, which could allow an attacker to remotely execute arbitrary code.
- risk 0.51cvss 7.8epss 0.02
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
- risk 0.51cvss 7.8epss 0.00
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
- risk 0.51cvss 7.8epss 0.01
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code.
- risk 0.51cvss 7.8epss 0.01
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.
- CVE-2025-59300Oct 3, 2025risk 0.00cvss —epss 0.00
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
- CVE-2025-59299Oct 3, 2025risk 0.00cvss —epss 0.00
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
- CVE-2025-59298Oct 3, 2025risk 0.00cvss —epss 0.00
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
- CVE-2025-59297Oct 3, 2025risk 0.00cvss —epss 0.00
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
- CVE-2024-39354Nov 11, 2024risk 0.00cvss —epss 0.00
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.
- CVE-2024-39605Nov 11, 2024risk 0.00cvss —epss 0.03
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code.
- CVE-2024-47131Nov 11, 2024risk 0.00cvss —epss 0.00
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.
- CVE-2024-7502Aug 6, 2024risk 0.00cvss —epss 0.00
A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code.