What is CVE-2020-16199?

CVE-2020-16199 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor.

How does CVE-2020-16199 impact Delta Industrial Automation CNCSoft ScreenEditor?

CVE-2020-16199 allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor.

What is the severity of CVE-2020-16199?

The severity of CVE-2020-16199 is high with a CVSS score of 7.8.

How can CVE-2020-16199 be exploited?

To exploit CVE-2020-16199, user interaction is required, such as visiting a malicious page or opening a malicious file.

How can I protect my Delta Industrial Automation CNCSoft ScreenEditor installation from CVE-2020-16199?

To protect your Delta Industrial Automation CNCSoft ScreenEditor installation from CVE-2020-16199, ensure you update to a version higher than 1.01.23.

Vulnerability/
CVE-2020-16199

high

7.8

CWE

787 121 119

4/8/2020

4/8/2024

CVE-2020-16199: Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

First published: Tue Aug 04 2020(Updated: )

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Deltaww Cncsoft Screeneditor	<=1.01.23
Delta Industrial Automation CNCSoft ScreenEditor
Delta Electronics Industrial Automation CNCSoft ScreenEditor Versions 1.01.23 and prior

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-20-217-01

Frequently Asked Questions

What is CVE-2020-16199?
CVE-2020-16199 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor.
How does CVE-2020-16199 impact Delta Industrial Automation CNCSoft ScreenEditor?
CVE-2020-16199 allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor.
What is the severity of CVE-2020-16199?
The severity of CVE-2020-16199 is high with a CVSS score of 7.8.
How can CVE-2020-16199 be exploited?
To exploit CVE-2020-16199, user interaction is required, such as visiting a malicious page or opening a malicious file.
How can I protect my Delta Industrial Automation CNCSoft ScreenEditor installation from CVE-2020-16199?
To protect your Delta Industrial Automation CNCSoft ScreenEditor installation from CVE-2020-16199, ensure you update to a version higher than 1.01.23.

agent/type
collector/nvd-index
agent/software-canonical-lookup-request
agent/title
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
collector/zdi-advisory
source/ZDI
alias/ZDI-20-939
alias/ZDI-CAN-10890
alias/CVE-2020-16199
agent/software-canonical-lookup
alias/ZDI-20-940
alias/ZDI-CAN-10889
alias/ZDI-20-943
alias/ZDI-CAN-10881
agent/references
agent/softwarecombine
agent/tags
agent/event
collector/ics-cert-advisory
source/ICS
vendor/deltaww
canonical/deltaww cncsoft screeneditor
version/deltaww cncsoft screeneditor/1.01.23
vendor/delta industrial automation
canonical/delta industrial automation cncsoft screeneditor
vendor/delta electronics
canonical/delta electronics industrial automation cncsoft screeneditor versions 1.01.23 and prior