CVE-2018-10623
Last modified
CVE-2018-10623 is a vulnerability of currently unknown severity. Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote code execution, alter the intended control flow, allow reading of sensitive information, or cause the application to crash.. EPSS estimates a 3.58% chance of exploitation in the next 30 days.
Description
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote code execution, alter the intended control flow, allow reading of sensitive information, or cause the application to crash.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Deltaww | Delta Industrial Automation Dopsoft | <= 4.00.04 |
References
- http://www.securityfocus.com/bid/104375Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/104375Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-10623?
How severe is CVE-2018-10623?
How do I fix CVE-2018-10623?
Are you affected by CVE-2018-10623?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST