ICSA-18-284-03 · Published 2018-10-11 · View on CISA ICS-CERT ↗

Delta Industrial Automation TPEditor

CVSS 6.6 MEDIUM

Risk Summary

Successful exploitation of these vulnerabilities could crash the accessed device, resulting in a buffer overflow condition that may allow remote code execution.

CVEs (2)

CVE-2018-17929 CVE-2018-17927

Remediations

Delta Electronics recommends affected users update to the latest version of Delta Industrial Automation TPEditor, Version 1.91, which is available for download at: http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=4536&DocPath=1&hl=en-US.
Delta Electronics also recommends affected users restrict the interaction with the application to trusted files.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · TPEditor <= 1.90

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more