ICSA-20-077-01 · Published 2020-03-17 · View on CISA ICS-CERT ↗

Delta Electronics Industrial Automation CNCSoft ScreenEditor

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application.

CVEs (2)

CVE-2020-7002 CVE-2020-6976

Remediations

Update to the latest version of CNCSoft v1.01.24 (with ScreenEditor v1.00.98).
Restrict the interaction with the application to trusted files.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · CNCSoft ScreenEditor <= 1.00.96

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more