Delta Electronics Delta Industrial Automation PMSoft
Monitor | 4.3 | ICS-CERT ICSA-18-270-04 | Sep 27, 2018
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Delta Industrial Automation PMSoft v2.11 and prior contain an out-of-bounds read vulnerability (CWE-125) that allows an attacker to read confidential information from the application. The vulnerability is triggered via a specially crafted network request and requires no authentication or user interaction. Affected information could include process parameters, operational data, and system configuration details.
What this means
What could happen
An attacker could read confidential information from PMSoft systems, such as process parameters, historical data, or configuration details that could enable further attacks or process manipulation.
Who's at risk
Manufacturing facilities using Delta Industrial Automation PMSoft for process monitoring and control need to secure these systems. PMSoft is typically used to collect, display, and store industrial process data from PLCs and other control devices.
How it could be exploited
An attacker sends a specially crafted request to the PMSoft application over the network. The application processes the request without proper input validation, exposing sensitive data that the attacker can read. No user interaction is required beyond the initial network connection.
Prerequisites
- Network access to the PMSoft application
- No authentication required
- User does not need to take action to trigger the vulnerability
remotely exploitable | no authentication required | low complexity | affects industrial data confidentiality
Exploitability
Low exploit probability (EPSS 0.6%)
Affected products (1)
Product | Affected Versions | Fix Status
Delta Industrial Automation PMSoft: v2.11 or prior | ≤ 2.11 | 2.12 or later
Remediation & Mitigation
Do now
HARDENING: Restrict network access to PMSoft systems by placing them behind firewalls and isolating them from the business network
HARDENING: Disable direct Internet access to PMSoft systems; if remote access is required, use secure VPN connections
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Delta Industrial Automation PMSoft to version 2.12 or later
Long-term hardening
HARDENING: Minimize network exposure by ensuring PMSoft systems are not directly accessible from external networks
CVEs (1)