← Back to home
ICSA-26-181-07  ·  Published 2026-06-30  ·  View on CISA ICS-CERT ↗

Delta Electronics DVP12SE PLC

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, modify operational values, interfere with control logic, and alter device behavior without authentication or privilege enforcement.

Remediations

  • Delta Electronics is aware of these vulnerabilities and is currently working on a fix.
  • Delta Electronics recommends users apply the following workarounds:
  • Enable the IP Filter feature: Configure and enable the PLC's built-in IP Filter function via the programming software. Restrict access exclusively to the IP addresses of trusted devices (such as designated HMI panels or SCADA hosts) to block unauthorized network access.Set up PLC password protection: Enable password protection for the PLC within the programming software to ensure the device's core control logic and parameters cannot be easily downloaded, overwritten, or tampered with.Implement network isolation and firewall protection: Deploy the PLC within an independent local area network (OT control network) secured by a firewall. Never connect the device directly to the office network or the Internet. If remote access is required, enforce the use of a secure, authorized VPN tunnel.
  • For more information refer to Delta Electronic's advisory page https://www.deltaww.com/en-US/service-support/product-cybersecurity/advisory.

Affected Vendors

Delta Electronics

Affected Products (1)

Delta Electronics · DVP12SE PLC vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more