OTPulse

Delta Electronics PMSoft

Plan Patch | 7.1 | ICS-CERT ICSA-18-116-01 | Apr 26, 2018
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

PMSoft versions 2.10 and earlier contain a stack-based buffer overflow vulnerability (CWE-121) in file processing logic. Successful exploitation could cause the application to crash or allow arbitrary code execution. The vulnerability is not remotely exploitable; it requires local access and user interaction to open a malicious file. No public exploits are known. Delta Electronics released PMSoft v2.11 as of March 22, 2018, which addresses these vulnerabilities.

What this means
What could happen
A stack-based buffer overflow in PMSoft could allow an attacker with local access to execute arbitrary code on the engineering workstation, potentially enabling modification of process parameters, alarms, or control logic before they are deployed to field devices.
Who's at risk
Engineering teams at water utilities and electric utilities using Delta Electronics PMSoft for HMI configuration and engineering. This affects anyone who develops or modifies control system logic on engineering workstations before deployment to programmable logic controllers (PLCs) and other field devices.
How it could be exploited
An attacker with local or physical access to an engineering workstation running PMSoft could supply a malicious input file (e.g., project file, configuration file, or data import) that triggers a buffer overflow in the application. This could result in application crash or arbitrary code execution with the privileges of the engineering user.
Prerequisites
  • Local or physical access to the engineering workstation running PMSoft
  • User interaction required—the user must open or process a malicious file in PMSoft
  • PMSoft version 2.10 or earlier installed
  • Low complexity to exploit
  • No authentication required if attacker has local access
  • Requires user interaction (file opening)
  • Affects engineering workstations, not field devices directly
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
PMSoft: v 2.10 or prior | ≤ 2.10 | 2.11
Remediation & Mitigation
Do now
HARDENING: Educate engineering staff not to open project files or configuration files from untrusted sources
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update PMSoft to version 2.11 or later
Long-term hardening
HARDENING: Restrict local and physical access to engineering workstations running PMSoft—implement account controls and badge access
HARDENING: Isolate engineering workstations from the business network using a separate VLAN or air gap
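
To find which workstations still need the 2.11 update, the following added example (not part of the advisory or of any Delta Electronics tooling) triages a software inventory export. It compares versions as integer components, because reading "2.10" as a decimal makes it 2.1 and would misorder it against 2.9 or 2.2. The CSV column names and hostnames are assumptions, and the sample rows are constructed.

```python
import csv
import io
import re

FIXED = (2, 11)  # first fixed PMSoft release according to the advisory


def parse_version(text):
    """Turn 'v2.10', '2.9' or 'V 2.11.0' into a tuple of ints; None if unparseable."""
    match = re.search(r"\d+(?:\.\d+)*", text or "")
    if not match:
        return None
    return tuple(int(part) for part in match.group(0).split("."))


def is_affected(version_text):
    """True if below 2.11, False if 2.11 or later, None if the version is unknown."""
    version = parse_version(version_text)
    if version is None:
        return None
    return version < FIXED


def triage(inventory_csv):
    """Return (affected_hosts, unknown_hosts) for rows whose product is PMSoft."""
    affected, unknown = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["product"].strip().lower() != "pmsoft":
            continue
        state = is_affected(row["version"])
        if state is None:
            unknown.append(row["host"])  # no usable version: check by hand
        elif state:
            affected.append(row["host"])
    return affected, unknown


# Constructed sample inventory (hostnames and column names are assumptions).
SAMPLE = """host,product,version
eng-ws-01,PMSoft,2.10
eng-ws-02,PMSoft,v2.9
eng-ws-03,PMSoft,2.11
eng-ws-04,PMSoft,2.2
eng-ws-05,PMSoft,
eng-ws-06,OtherTool,1.0
"""

if __name__ == "__main__":
    affected, unknown = triage(SAMPLE)
    print("affected:", affected)
    print("version unknown, check manually:", unknown)
```

Hosts with a missing or unreadable version are reported separately so they are not silently counted as patched.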