Delta Industrial Automation DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds Read, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

CVE-2020-12883

Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sncoapparseroptionsparse parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point packetdatapptr ...

Memory corruption vulnerability in Delta ISPSoft isp project files (CNVD-2020-33323)

ISPSoft is the new generation of Delta PLC programming software. A memory corruption vulnerability exists in Delta ISPSoft when handling isp project files. An attacker can trick a user with ISPSoft installed to open a malicious isp file, which in turn triggers the vulnerability and causes the...

Memory Corruption Vulnerability in Delta ScreenEditor dpb Project File

ScreenEditor is a set of HMI programming software. A memory corruption vulnerability exists in the Delta ScreenEditor dpb project file. An attacker can trick a user installing ScreenEditor into opening a malicious dpb file, which in turn triggers the vulnerability and may result in information...

May 12, 2020—KB4556812 (OS Build 16299.1868)

May 12, 2020—KB4556812 OS Build 16299.1868 IMPORTANT We have been evaluating the public health situation, and we understand the impact this is having on you, our valued customers. To ease one of the many burdens you are currently facing, we have decided to delay the scheduled end of service date...

March 30, 2020—KB4554342 (OS Build 16299.1776)

March 30, 2020—KB4554342 OS Build 16299.1776 IMPORTANT We have been evaluating the public health situation, and we understand the impact this is having on you, our valued customers. To ease one of the many burdens you are currently facing, we have decided to delay the scheduled end of service dat...

deltalight.com.br Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1150634 Security Researcher raviakp1004 Helped patch 652 vulnerabilities Received 4 Coordinated Disclosure badges Received 5 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting deltalight.com.br websit...

Update Rollup 3 for System Center 2012 R2 Operations Manager

Update Rollup 3 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 3 for System...

CVE-2020-10597

Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application...

CVE-2020-10597

Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application...

Out-of-bounds

Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application...

CVE-2020-10597

Delta Industrial Automation DOPSoft is affected by CVE-2020-10597 (v4.00.08.15 and prior). The vulnerability comprises multiple out-of-bounds read flaws triggered by processing specially crafted project files, potentially allowing an attacker to read information and crash the application. ICS adv...

CVE-2020-6976

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation...

CVE-2020-6976

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation...

CVE-2020-7002

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file...

CVE-2020-7002

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file...

Stack overflow

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file...

CVE-2020-6976

Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation...

CVE-2020-6976

Summary: CVE-2020-6976 impacts Delta CNCSoft ScreenEditor. Affected: CNCSoft ScreenEditor v1.00.96 and earlier. Root cause: out-of-bounds read overflow from improper validation while parsing input in DPB/GIF-related processing. Impact: information disclosure; potential for code execution when com...

CVE-2020-7002

Delta Electronics CNCSoft ScreenEditor (CNCSoft ScreenEditor, v1.00.96 and earlier) is affected by CVE-2020-7002. The Red Hat/NVD/ZDI/CISA entries describe multiple stack-based buffer overflows in parsing DPB input (and GIF-name related data in DPB parsing) that can be exploited by a valid user o...