Vulnerability Details CVE-2020-27275
Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-005-05
- https://www.zerodayinitiative.com/advisories/ZDI-21-028/
- https://www.zerodayinitiative.com/advisories/ZDI-21-029/
- https://www.zerodayinitiative.com/advisories/ZDI-21-032/
- https://www.zerodayinitiative.com/advisories/ZDI-21-034/
- https://www.zerodayinitiative.com/advisories/ZDI-21-035/
- https://www.zerodayinitiative.com/advisories/ZDI-21-036/
- https://www.zerodayinitiative.com/advisories/ZDI-21-037/
- https://www.zerodayinitiative.com/advisories/ZDI-21-038/
- https://us-cert.cisa.gov/ics/advisories/icsa-21-005-05
- https://www.zerodayinitiative.com/advisories/ZDI-21-028/
- https://www.zerodayinitiative.com/advisories/ZDI-21-029/
- https://www.zerodayinitiative.com/advisories/ZDI-21-032/
- https://www.zerodayinitiative.com/advisories/ZDI-21-034/
- https://www.zerodayinitiative.com/advisories/ZDI-21-035/
- https://www.zerodayinitiative.com/advisories/ZDI-21-036/
- https://www.zerodayinitiative.com/advisories/ZDI-21-037/
- https://www.zerodayinitiative.com/advisories/ZDI-21-038/
Products affected by CVE-2020-27275
-
cpe:2.3:a:deltaww:dopsoft:-
-
cpe:2.3:a:deltaww:dopsoft:2.00
-
cpe:2.3:a:deltaww:dopsoft:2.00.07
-
cpe:2.3:a:deltaww:dopsoft:4.0.8.21
-
cpe:2.3:a:deltaww:dopsoft:4.00.08.15