What is the vulnerability ID for this Delta Industrial Automation CNCSoft-B DOPSoft vulnerability?

The vulnerability ID for this Delta Industrial Automation CNCSoft-B DOPSoft vulnerability is CVE-2021-22660.

What is the severity of CVE-2021-22660?

The severity of CVE-2021-22660 is high with a severity value of 7.8.

How can remote attackers exploit CVE-2021-22660?

Remote attackers can exploit CVE-2021-22660 by executing arbitrary code on affected installations of Delta Industrial Automation CNCSoft-B DOPSoft. User interaction is required by visiting a malicious page or opening a malicious file.

Which software is affected by CVE-2021-22660?

Delta Industrial Automation CNCSoft-B DOPSoft versions up to and including 1.0.0.3 are affected by CVE-2021-22660.

How can I fix the Delta Industrial Automation CNCSoft-B DOPSoft vulnerability (CVE-2021-22660)?

To fix the Delta Industrial Automation CNCSoft-B DOPSoft vulnerability (CVE-2021-22660), it is recommended to apply the latest security patches or updates provided by Delta Industrial Automation.

Vulnerability/
CVE-2021-22660

high

7.8

CWE

125

27/4/2021

3/8/2024

CVE-2021-22660: Delta Industrial Automation CNCSoft-B DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

First published: Tue Apr 27 2021(Updated: )

CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Criticalmanufacturing Cncsoft-b	<=1.0.0.3
Delta Industrial Automation CNCSoft-B DOPSoft
Delta Electronics CNCSoft-B Versions 1.0.0.3 and prior

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-21-110-05

Frequently Asked Questions

What is the vulnerability ID for this Delta Industrial Automation CNCSoft-B DOPSoft vulnerability?
The vulnerability ID for this Delta Industrial Automation CNCSoft-B DOPSoft vulnerability is CVE-2021-22660.
What is the severity of CVE-2021-22660?
The severity of CVE-2021-22660 is high with a severity value of 7.8.
How can remote attackers exploit CVE-2021-22660?
Remote attackers can exploit CVE-2021-22660 by executing arbitrary code on affected installations of Delta Industrial Automation CNCSoft-B DOPSoft. User interaction is required by visiting a malicious page or opening a malicious file.
Which software is affected by CVE-2021-22660?
Delta Industrial Automation CNCSoft-B DOPSoft versions up to and including 1.0.0.3 are affected by CVE-2021-22660.
How can I fix the Delta Industrial Automation CNCSoft-B DOPSoft vulnerability (CVE-2021-22660)?
To fix the Delta Industrial Automation CNCSoft-B DOPSoft vulnerability (CVE-2021-22660), it is recommended to apply the latest security patches or updates provided by Delta Industrial Automation.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/title
agent/last-modified-date
agent/description
agent/first-publish-date
agent/references
agent/softwarecombine
agent/event
agent/tags
collector/zdi-advisory
source/ZDI
alias/ZDI-21-445
alias/ZDI-CAN-12413
alias/CVE-2021-22660
agent/software-canonical-lookup
alias/ZDI-21-446
alias/ZDI-CAN-12656
alias/ZDI-21-509
alias/ZDI-CAN-12412
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup-request
vendor/criticalmanufacturing
canonical/criticalmanufacturing cncsoft-b
version/criticalmanufacturing cncsoft-b/1.0.0.3
vendor/delta industrial automation
canonical/delta industrial automation cncsoft-b dopsoft
vendor/delta electronics
canonical/delta electronics cncsoft-b versions 1.0.0.3 and prior