CVE-2017-16745: Incorrect Type Cast
First published: Thu Mar 15 2018(Updated: )
A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing specially crafted .dpb files.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Deltaww Screeneditor | <=2.00.23.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-16745?
CVE-2017-16745 has a critical severity rating due to its potential to allow remote code execution.
How do I fix CVE-2017-16745?
To fix CVE-2017-16745, upgrade to Delta Electronics Delta Industrial Automation Screen Editor version 2.00.23.01 or later.
What types of attacks can be executed using CVE-2017-16745?
CVE-2017-16745 allows attackers to execute remote code through specially crafted .dpb files.
Which versions of Delta Industrial Automation Screen Editor are affected by CVE-2017-16745?
Delta Industrial Automation Screen Editor versions 2.00.23.00 and prior are affected by CVE-2017-16745.
What is the nature of the vulnerability in CVE-2017-16745?
CVE-2017-16745 is a Type Confusion vulnerability that occurs when resources are accessed using incompatible types.
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/deltaww
- canonical/deltaww screeneditor
- version/deltaww screeneditor/2.00.23.00