Описание
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application to crash.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.00.04 (включая)
cpe:2.3:a:deltaww:delta_industrial_automation_dopsoft:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02701
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-122
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application to crash.
EPSS
Процентиль: 86%
0.02701
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-122
CWE-119