ICSA-25-308-03
·
Published 2025-11-04
·
View on CISA ICS-CERT ↗
Delta Electronics CNCSoft-G2
CVSS 7.8
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow attackers to execute arbitrary code in the context of the current process.
CVEs (1)
Remediations
- Delta Electronics recommends CNCSoft-G2 users to download and update to Version 2.1.0.34 or later.
- General Recommendations:
- Do not click on untrusted Internet links or open unsolicited attachments in emails.
- Avoid exposing control systems and equipment to the Internet.
- Place systems and devices behind a firewall and isolate them from the business network.
- When remote access is required, use a secure access method, such as a virtual private network (VPN).
- Users should contact Delta Electronics with any additional product-related support concerns.
- For more information, refer to Delta Electronic's product cybersecurity advisory PCSA-2025-00017.
Affected Vendors
Delta Electronics
Affected Products (1)
Delta Electronics
·
CNCSoft-G2
<=2.1.0.27
Affected Sectors
Critical Manufacturing, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more