Description
Delta Electronics CNCSoft (Version 1.01.30) and prior) is vulnerable to an out-of-bounds read while processing a specific project file, which may allow an attacker to disclose information.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low
Affected products
- Delta Electronics / CNCSoftunspecified – 1.01.30
References
- VENDOR_ADVISORYhttps://www.cisa.gov/uscert/ics/advisories/icsa-21-350-02