virus logo Intrusion Prevention

Delta.Electronics.CNCSoft.CVE-2018-10636.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Delta Industrial Automation CNCSoft ScreenEditor.
The vulnerability is caused by an error when the vulnerable application handles a malformed DPB file. A remote attacker may be able to exploit this to execute arbitrary code on vulnerable systems via a crafted DPB file.

affected-products-logoAffected Products

Delta Industrial Automation CNCSoft ScreenEditor 1.00.83 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor:
http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=84&DocPath=1&hl=en-US

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2019-01-02 13.516
Modified
 Default_action:pass:drop
2018-11-29 13.500
Modified
 Sig Added
2018-11-28 13.499
New

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01
ID 47128
Created Nov 29, 2018
Updated May 23, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 4.8%
Default Action drop
Active
Affected OS Windows
Affected App SCADA
Profile Type Buffer Errors