← Back to home
ICSA-26-064-01  ·  Published 2026-03-05  ·  View on CISA ICS-CERT ↗

Delta Electronics CNCSoft-G2

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of this vulnerability could result in an attacker achieving remote code execution on the device.

CVEs (1)

Remediations

  • Delta Electronics recommends users update to Version 2.1.0.39, which has resolved this vulnerability. The update can be obtained from the Delta Electronics download center at https://downloadcenter.deltaww.com/en-US/DownloadCenter?v=1&q=cncsoft&sort_expr=cdate&sort_dir=DESC.
  • For more information, see the associated Delta Electronics security advisory Delta-PCSA-2026-00004 which can be downloaded in PDF format here: https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00004_CNCSoft-G2_File%20Parsing%20Out-Of-Bounds%20Write.pdf

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · CNCSoft-G2 <V2.1.0.39

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more