Home

Description

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

PUBLISHED Reserved 2025-08-28 | Published 2025-09-24 | Updated 2025-09-24 | Assigner Deltaww




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-121 Stack-based Buffer Overflow

Product status

Default status
unaffected

Any version before 2.1.0.34
affected

Credits

Natnael Samson working with Trend Micro Zero Day Initiative reporter

Jason Forbush of CISA coordinator

References

filecenter.deltaww.com/... Buffer Overflow Vulnerability.pdf

cve.org (CVE-2025-58317)

nvd.nist.gov (CVE-2025-58317)

Download JSON