

Rewterz Threat Alert – Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads
February 20, 2019
Rewterz Threat Advisory – Microsoft PowerShell Core Multiple Security Bypass Vulnerabilities
February 20, 2019
Severity: Medium
Analysis Summary
An out-of-bounds read vulnerability has been found in Delta Industrial Automation CNCSoft. The vulnerability is due to improper validation of user input when processing project files. Successful exploitation of this vulnerability could cause a buffer overflow condition that may allow information disclosure or crash the application.
Impact
Information Disclosure
Application Crash
Affected Products
CNCSoft ScreenEditor Version 1.00.84 and prior
Remediation
Researchers recommend taking the following defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Locate control system networks and remote devices behind firewalls, and isolate them from the business network. When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available.