January 13, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert –APT28 FancyBear Group – Active IOCs
January 23, 2024
Rewterz Threat Alert –An Emerging Ducktail Infostealer – Active IOCs
January 23, 2024
Rewterz Threat Alert –APT28 FancyBear Group – Active IOCs
January 23, 2024
Rewterz Threat Alert –An Emerging Ducktail Infostealer – Active IOCs
January 23, 2024
Severity
High
Analysis Summary
CVE-2024-43816 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a buffer overflow, caused by improper bounds checking when parsing the wKPFStringLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43817 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a buffer overflow, caused by improper bounds checking when parsing the wMailContentLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43818 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a buffer overflow, caused by improper bounds checking when parsing DPS files. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43819 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the InitialMacroLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43820 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the wLogTitlesPrevValueLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43821 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the wLogTitlesActionLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43822 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the wLogTitlesTimeLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43823 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the wTTitleLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-43824 CVSS:7.8
Delta Electronics Delta Industrial Automation DOPSoft is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing the wTitleTextLen field of a DPS file. By persuading a victim to open a specially crafted DPS file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Gain Access
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2024-43816
- CVE-2024-43817
- CVE-2024-43818
- CVE-2024-43819
- CVE-2024-43820
- CVE-2024-43821
- CVE-2024-43822
- CVE-2024-43823
- CVE-2024-43824
Affected Vendors
Delta
Affected Products
- Delta Electronics Delta Industrial Automation DOPSoft 4.00.16.30
Remediation
Refer to Delta Electronics Website for patch, upgrade or suggested workaround information.