CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16201 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-16201
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information. Delta Industrial Automation CNCSoft ScreenEditor, versiones 1.01.23 y anteriores. Múltiples vulnerabilidades de lectura fuera de límites pueden ser explotadas al procesar archivos de proyecto especialmente diseñados, que pueden permitir a un atacante leer información This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPB files. • https://us-cert.cisa.gov/ics/advisories/icsa-20-217-01 https://www.zerodayinitiative.com/advisories/ZDI-20-941 https://www.zerodayinitiative.com/advisories/ZDI-20-942 https://www.zerodayinitiative.com/advisories/ZDI-20-944 https://www.zerodayinitiative.com/advisories/ZDI-20-945 https://www.zerodayinitiative.com/advisories/ZDI-20-946 https://www.zerodayinitiative.com/advisories/ZDI-20-947 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16203 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Uninitialized Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16203
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. Delta Industrial Automation CNCSoft ScreenEditor, versiones 1.01.23 y anteriores. Un puntero no inicializado puede ser explotado al procesar un archivo de proyecto especialmente diseñado. • https://us-cert.cisa.gov/ics/advisories/icsa-20-217-01 https://www.zerodayinitiative.com/advisories/ZDI-20-948 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-7002 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-7002
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file. Delta Industrial Automation CNCSoft ScreenEditor, versiones v1.00.96 y anteriores. Múltiples desbordamientos de búfer en la región stack ??de la memoria pueden ser explotados cuando un usuario válido abre un archivo de entrada malicioso especialmente diseñado. • https://www.us-cert.gov/ics/advisories/icsa-20-077-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6976 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Giffile Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-6976
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation. Delta Industrial Automation CNCSoft ScreenEditor, versiones v1.00.96 y anteriores. Un desbordamiento de lectura fuera de límites puede ser explotado cuando un usuario válido abre un archivo de entrada malicioso especialmente diseñado debido a la falta de comprobación. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. • https://www.us-cert.gov/ics/advisories/icsa-20-077-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10949 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-10949
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files. Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor versión 1.00.88 y anteriores. Se pueden aprovechar múltiples vulnerabilidades de lectura fuera de límites, lo que permite la divulgación de información debido a la falta de comprobación de entrada del usuario para procesar archivos de proyectos especialmente creados. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. • http://www.securityfocus.com/bid/107989 https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01 https://www.zerodayinitiative.com/advisories/ZDI-19-406 https://www.zerodayinitiative.com/advisories/ZDI-19-407 https://www.zerodayinitiative.com/advisories/ZDI-19-409 https://www.zerodayinitiative.com/advisories/ZDI-19-411 https://www.zerodayinitiative.com/advisories/ZDI-19-412 https://www.zerodayinitiative.com/advisories/ZDI-19-413 https://www.zerodayinitiative.com/advisories/ZDI-19-414 https:&#x • CWE-125: Out-of-bounds Read •