CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58319 – File Parsing Memory Corruption in CNCSoft-G2
https://notcve.org/view.php?id=CVE-2025-58319
24 Sep 2025 — Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the par... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00017_CNCSoft-G2_File%20Parsing%20Stack-based%20Buffer%20Overflow%20Vulnerability.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58317 – File Parsing Memory Corruption in CNCSoft-G2
https://notcve.org/view.php?id=CVE-2025-58317
24 Sep 2025 — Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00017_CNCSoft-G2_File%20Parsing%20Stack-based%20Buffer%20Overflow%20Vulnerability.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4685 – CVE-2023-4685
https://notcve.org/view.php?id=CVE-2023-4685
07 Sep 2023 — Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. CNCSoft-B versión 1.0.0.4 de Delta Electronics y DOPSoft versiones 4.0.0.82 y anteriores son vulnerables al desbordamiento del búfer de memoria, lo que podría permitir a un atacante ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electroni... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24014 – Delta Electronics CNCSoft-B DOPSoft Heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2023-24014
01 Jun 2023 — Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files by the DOPSoft component. The... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25177 – Delta Electronics CNCSoft-B DOPSoft Stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2023-25177
01 Jun 2023 — Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPA files by the DOPSoft component. Th... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2022-4634 – CVE-2022-4634
https://notcve.org/view.php?id=CVE-2022-4634
02 Feb 2023 — All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla... • https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1405 – Delta Electronics CNCSoft Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-1405
31 Aug 2022 — CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition. CNCSoft: Todas las versiones anteriores a 1.01.32 no sanean correctamente la entrada mientras es procesado un archivo de proyecto específico, lo que permite una posible condición de desbordamiento de búfer en la región stack de la memoria • https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44768 – Delta Electronics CNCSoft Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2021-44768
25 Mar 2022 — Delta Electronics CNCSoft (Version 1.01.30) and prior) is vulnerable to an out-of-bounds read while processing a specific project file, which may allow an attacker to disclose information. Delta Electronics CNCSoft (Versión 1.01.30) y anteriores) es vulnerable a una lectura fuera de límites mientras es procesado un archivo de proyecto específico, lo que puede permitir a un atacante divulgar información • https://www.cisa.gov/uscert/ics/advisories/icsa-21-350-02 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1404 – Delta Electronics CNCSoft Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2022-1404
01 Mar 2022 — Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. Delta Electronics CNCSoft (Todas las versiones anteriores a la 1.01.32) no sanea correctamente la entrada mientras procesa un archivo de proyecto específico, lo que permite una posible condición de lectura fuera de límites This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta In... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43982 – Delta Electronics CNCSoft
https://notcve.org/view.php?id=CVE-2021-43982
02 Dec 2021 — Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. Delta Electronics CNCSoft versiones 1.01.30 y anteriores, son vulnerables a un desbordamiento del búfer en la región stack de la memoria, que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft. User interaction is re... • https://www.cisa.gov/uscert/ics/advisories/icsa-21-334-03 • CWE-121: Stack-based Buffer Overflow •