EIP-29f0f63c
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
Vulnerability Identifier
Exodus Intelligence: EIP-29f0f63cMITRE: CVE-2023-43818Vulnerability Metrics
CVSSv2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:PCVSSv2 Score: 6.8Vendor References
The affected product is end-of-life and no patches are available.Discovery Credit
Exodus IntelligenceDisclosure Timeline
Disclosed to Vendor: March 8, 2023Vendor response to disclosure: March 22, 2023Disclosed to public: January 18, 2024Further Information
Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at [email protected]
The post Delta Electronics Delta Industrial Automation DOPSoft DPS File wTextLen Buffer Overflow Remote Code Execution appeared first on Exodus Intelligence.
Support the originator by clicking the read the rest link below.