VYPR
Vendor

Delta Industrial Automation

Products
7
CVEs
20
Across products
24
Status
Private

Products

7

Recent CVEs

20
  • CVE-2022-2660CriDec 13, 2022
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.

  • CVE-2022-3214CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to  1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer…

  • CVE-2021-22668CriMay 16, 2021
    risk 0.64cvss 9.8epss 0.02

    Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-27480CriApr 27, 2021
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code.

  • CVE-2022-2969HigDec 1, 2022
    risk 0.53cvss 8.1epss 0.02

    Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements…

  • CVE-2020-16199HigAug 4, 2020
    risk 0.52cvss 7.8epss 0.10

    Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code,…

  • CVE-2020-16203HigAug 4, 2020
    risk 0.51cvss 7.8epss 0.02

    Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute…

  • CVE-2020-14482HigJun 30, 2020
    risk 0.51cvss 7.8epss 0.03

    Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

  • CVE-2020-7002HigMar 18, 2020
    risk 0.51cvss 7.8epss 0.01

    Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file.

  • CVE-2019-13514HigAug 15, 2019
    risk 0.51cvss 7.8epss 0.03

    In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application.

  • CVE-2019-13513HigAug 15, 2019
    risk 0.51cvss 7.8epss 0.04

    In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application.

  • CVE-2019-10951HigApr 17, 2019
    risk 0.51cvss 7.8epss 0.03

    Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of…

  • CVE-2019-10947HigApr 17, 2019
    risk 0.51cvss 7.8epss 0.04

    Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur…

  • CVE-2018-17929HigOct 11, 2018
    risk 0.51cvss 7.8epss 0.02

    In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and…

  • CVE-2018-17927HigOct 11, 2018
    risk 0.51cvss 7.8epss 0.02

    In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer…

  • CVE-2020-10597HigMar 20, 2020
    risk 0.46cvss 7.1epss 0.01

    Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application.

  • CVE-2020-6976MedMar 18, 2020
    risk 0.36cvss 5.5epss 0.01

    Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation.

  • CVE-2019-10949MedApr 17, 2019
    risk 0.36cvss 5.5epss 0.02

    Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.

  • CVE-2019-6547MedFeb 28, 2019
    risk 0.36cvss 5.5epss 0.01

    Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for processing project files.

  • CVE-2020-16201LowAug 4, 2020
    risk 0.22cvss 3.3epss 0.01

    Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information.