Delta Industrial Automation
Products
7- 10 CVEs
- 4 CVEs
- 4 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
20| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2660 | Cri | 0.64 | 9.8 | 0.01 | Dec 13, 2022 | Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine. | ||
| CVE-2022-3214 | Cri | 0.64 | 9.8 | 0.01 | Sep 16, 2022 | Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer… | ||
| CVE-2021-22668 | Cri | 0.64 | 9.8 | 0.02 | May 16, 2021 | Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | ||
| CVE-2021-27480 | Cri | 0.64 | 9.8 | 0.01 | Apr 27, 2021 | Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code. | ||
| CVE-2022-2969 | Hig | 0.53 | 8.1 | 0.02 | Dec 1, 2022 | Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements… | ||
| CVE-2020-16199 | Hig | 0.52 | 7.8 | 0.10 | Aug 4, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code,… | ||
| CVE-2020-16203 | Hig | 0.51 | 7.8 | 0.02 | Aug 4, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute… | ||
| CVE-2020-14482 | Hig | 0.51 | 7.8 | 0.03 | Jun 30, 2020 | Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||
| CVE-2020-7002 | Hig | 0.51 | 7.8 | 0.01 | Mar 18, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file. | ||
| CVE-2019-13514 | Hig | 0.51 | 7.8 | 0.03 | Aug 15, 2019 | In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application. | ||
| CVE-2019-13513 | Hig | 0.51 | 7.8 | 0.04 | Aug 15, 2019 | In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. | ||
| CVE-2019-10951 | Hig | 0.51 | 7.8 | 0.03 | Apr 17, 2019 | Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of… | ||
| CVE-2019-10947 | Hig | 0.51 | 7.8 | 0.04 | Apr 17, 2019 | Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur… | ||
| CVE-2018-17929 | Hig | 0.51 | 7.8 | 0.02 | Oct 11, 2018 | In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and… | ||
| CVE-2018-17927 | Hig | 0.51 | 7.8 | 0.02 | Oct 11, 2018 | In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer… | ||
| CVE-2020-10597 | Hig | 0.46 | 7.1 | 0.01 | Mar 20, 2020 | Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application. | ||
| CVE-2020-6976 | Med | 0.36 | 5.5 | 0.01 | Mar 18, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation. | ||
| CVE-2019-10949 | Med | 0.36 | 5.5 | 0.02 | Apr 17, 2019 | Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files. | ||
| CVE-2019-6547 | Med | 0.36 | 5.5 | 0.01 | Feb 28, 2019 | Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for processing project files. | ||
| CVE-2020-16201 | Low | 0.22 | 3.3 | 0.01 | Aug 4, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information. |
- risk 0.64cvss 9.8epss 0.01
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.
- risk 0.64cvss 9.8epss 0.01
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer…
- risk 0.64cvss 9.8epss 0.02
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.01
Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code.
- risk 0.53cvss 8.1epss 0.02
Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements…
- risk 0.52cvss 7.8epss 0.10
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code,…
- risk 0.51cvss 7.8epss 0.02
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute…
- risk 0.51cvss 7.8epss 0.03
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
- risk 0.51cvss 7.8epss 0.01
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file.
- risk 0.51cvss 7.8epss 0.03
In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application.
- risk 0.51cvss 7.8epss 0.04
In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application.
- risk 0.51cvss 7.8epss 0.03
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of…
- risk 0.51cvss 7.8epss 0.04
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur…
- risk 0.51cvss 7.8epss 0.02
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and…
- risk 0.51cvss 7.8epss 0.02
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer…
- risk 0.46cvss 7.1epss 0.01
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application.
- risk 0.36cvss 5.5epss 0.01
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation.
- risk 0.36cvss 5.5epss 0.02
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.
- risk 0.36cvss 5.5epss 0.01
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for processing project files.
- risk 0.22cvss 3.3epss 0.01
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information.