Description
All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
References
https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-01
PatchThird Party AdvisoryUS Government Resource
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-02-03T03:15:08.140
1 year agoLast modified
2023-11-07T03:58:25.287
8 months ago