← Back to home
ICSA-18-219-01  ·  Published 2018-08-07  ·  View on CISA ICS-CERT ↗

Delta Electronics CNCSoft and ScreenEditor

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to gain remote code execution with administrator privileges.

CVEs (2)

Remediations

  • Update to the latest version of CNCSoft, v1.01.09. The updated version can be found at: http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=84&DocPath=1&hl=en-US
  • Restrict the interaction with the application to trusted files.

Affected Vendors

Delta Electronics

Affected Products (2)

Delta Electronics · ScreenEditor 1.00.54
Delta Electronics · CNCSoft <=1.00.83

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more