Delta Electronics DRASimuCAD (Update A)

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could crash the device or potentially allow remote code execution.

CVE-2024-12834 CVE-2024-12835 CVE-2024-12836

Delta has released a patch to fix these vulnerabilities on Delta Download Center. This patch is based on the formal DRASimuCAD v1.02.00.00. Users should have the original v1.02.00.00 installed, then install this new patch.
Delta also recommends the following general security practices:
Don't click on untrusted Internet links or open unsolicited attachments in emails.
Avoid exposing control systems and equipment to the Internet.
Place systems and devices behind a firewall and isolate them from the business network.
When remote access is required, use a secure access method, such as a virtual private network (VPN).
For more information, please see the Delta product cybersecurity advisory for these issues.

Delta Electronics

Delta Electronics · DRASimuCAD <=1.02.00.00

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.