Vulnerability Details CVE-2020-27287
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-007-04
- https://www.zerodayinitiative.com/advisories/ZDI-21-030/
- https://www.zerodayinitiative.com/advisories/ZDI-21-031/
- https://www.zerodayinitiative.com/advisories/ZDI-21-041/
- https://www.zerodayinitiative.com/advisories/ZDI-21-043/
- https://www.zerodayinitiative.com/advisories/ZDI-21-044/
- https://us-cert.cisa.gov/ics/advisories/icsa-21-007-04
- https://www.zerodayinitiative.com/advisories/ZDI-21-030/
- https://www.zerodayinitiative.com/advisories/ZDI-21-031/
- https://www.zerodayinitiative.com/advisories/ZDI-21-041/
- https://www.zerodayinitiative.com/advisories/ZDI-21-043/
- https://www.zerodayinitiative.com/advisories/ZDI-21-044/