CVE-2023-5944 – Delta Electronics DOPSoft Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-5944
Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file. Delta Electronics DOPSoft es vulnerable a un desbordamiento del búfer basado en pila, lo que puede permitir la ejecución de código arbitrario si un atacante puede llevar a un usuario legítimo a ejecutar un archivo especialmente manipulado. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • https://diastudio.deltaww.com/home/downloads?sec=download#catalog https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-4685 – CVE-2023-4685
https://notcve.org/view.php?id=CVE-2023-4685
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. CNCSoft-B versión 1.0.0.4 de Delta Electronics y DOPSoft versiones 4.0.0.82 y anteriores son vulnerables al desbordamiento del búfer de memoria, lo que podría permitir a un atacante ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-0124 – CVE-2023-0124
https://notcve.org/view.php?id=CVE-2023-0124
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-23-031-01 • CWE-787: Out-of-bounds Write •
CVE-2023-0123 – CVE-2023-0123
https://notcve.org/view.php?id=CVE-2023-0123
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-23-031-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-2966 – Delta Electronics DOPSoft Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2022-2966
Out-of-bounds Read vulnerability in Delta Electronics DOPSoft.This issue affects DOPSoft: All Versions. Vulnerabilidad de lectura fuera de los límites en Delta Electronics DOPSoft. Este problema afecta a DOPSoft: todas las versiones. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-244-01 • CWE-125: Out-of-bounds Read •