OTPulse

Delta Electronics ISPSoft

CVSS: 7.8
Source: ICS-CERT ICSA-21-021-01
Published: Jan 21, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Delta Electronics ISPSoft versions 3.12 and earlier contain a use-after-free vulnerability (CWE-416) that could allow an attacker with local access to execute code under the application's privileges. The vulnerability requires user interaction and is not remotely exploitable. Successful exploitation could compromise the engineering workstation and potentially affect connected industrial systems.
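As an added illustration of the bug class this advisory names (CWE-416, use-after-free), and not code from ISPSoft or Delta Electronics: a constructed toy project-file loader in C that shows the dangling-pointer pattern beside a hardened version. The "SECTION:" line format, the function names and the reload flow are invented for the example; the advisory does not disclose the actual ISPSoft defect, and nothing below describes it.

```c
/* Constructed example of CWE-416: a toy loader that keeps one heap-allocated
 * section of a "project file" and replaces it on reload. Not ISPSoft code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SECTION 64

/* Owns a heap buffer holding one section; section == NULL means nothing loaded. */
typedef struct {
    char *section;
    size_t len;
} project_t;

/* Parse one "SECTION:<text>" line into a fresh buffer.
 * Returns 0 on success, -1 on malformed input (no allocation is made then). */
static int parse_section(const char *line, char **out, size_t *out_len) {
    static const char prefix[] = "SECTION:";
    size_t plen = sizeof(prefix) - 1;
    if (strncmp(line, prefix, plen) != 0) return -1;
    size_t len = strlen(line + plen);
    if (len == 0 || len > MAX_SECTION) return -1;
    char *buf = malloc(len + 1);
    if (buf == NULL) return -1;
    memcpy(buf, line + plen, len + 1);
    *out = buf;
    *out_len = len;
    return 0;
}

/* VULNERABLE reload: frees the old section before parsing the replacement.
 * When the new line is malformed it returns early with p->section still
 * pointing at freed memory, so the next use_section() reads freed memory.
 * Shown for contrast only; it is never executed here. */
int reload_vulnerable(project_t *p, const char *line) {
    free(p->section);               /* old buffer released, pointer left dangling */
    char *buf; size_t len;
    if (parse_section(line, &buf, &len) != 0)
        return -1;                  /* BUG: p->section now dangles (CWE-416) */
    p->section = buf;
    p->len = len;
    return 0;
}

/* HARDENED reload: parse first, release the old buffer only once the
 * replacement is known good, so no freed pointer is ever reachable. */
int reload_hardened(project_t *p, const char *line) {
    char *buf; size_t len;
    if (parse_section(line, &buf, &len) != 0)
        return -1;                  /* old section stays valid and owned */
    free(p->section);
    p->section = buf;
    p->len = len;
    return 0;
}

/* Consumer: returns the loaded section's length, or -1 when nothing is loaded. */
long use_section(const project_t *p) {
    if (p->section == NULL) return -1;
    return (long)strlen(p->section);
}

/* Release and clear, so a later stale use is a NULL check rather than UB. */
void project_close(project_t *p) {
    free(p->section);
    p->section = NULL;
    p->len = 0;
}

/* Drives the hardened flow end to end; returns how many of the 5 checks held. */
int hardened_flow_checks(void) {
    project_t p = { NULL, 0 };
    int ok = 0;
    ok += (reload_hardened(&p, "SECTION:motor_config") == 0);
    ok += (use_section(&p) == 12);
    ok += (reload_hardened(&p, "GARBAGE") == -1);   /* malformed replacement */
    ok += (use_section(&p) == 12);                  /* old section survived */
    project_close(&p);
    ok += (use_section(&p) == -1);                  /* stale use caught by NULL check */
    return ok;
}

int main(void) {
    printf("hardened flow: %d/5 checks passed\n", hardened_flow_checks());
    return 0;
}
```

The vulnerable function is kept in the block but never called, because reading freed memory is undefined behaviour. In a build of such a loader, compiling with `-fsanitize=address` would report the stale read in `reload_vulnerable` followed by `use_section` as a heap-use-after-free, which is the kind of check worth running over any file-parsing code path a user can feed untrusted input into.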

What this means
What could happen
An attacker with local access to a machine running ISPSoft could execute arbitrary code with the application's privileges, potentially compromising the engineering workstation and any connected industrial systems.
Who's at risk
Delta Electronics ISPSoft users, particularly those responsible for engineering and configuration of Delta industrial automation equipment in manufacturing, water/wastewater treatment, and power generation facilities. Engineering workstations running ISPSoft version 3.12 or earlier are affected.
How it could be exploited
An attacker must first gain local access to a system running ISPSoft (e.g., through social engineering, malware, or physical access), then trigger the vulnerability through user interaction with a malicious file or input to achieve code execution within the application context.
Prerequisites
  • Local access to the system running ISPSoft
  • User interaction required (user must open a file or perform an action)
  • ISPSoft version 3.12 or earlier
  • Local exploitation only
  • Requires user interaction
  • Low EPSS score (0.3%)
  • Affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)

Product       | Affected Versions | Fix Status
The following | ≤ 3.12            | No fix yet
Remediation & Mitigation

Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update ISPSoft to version 3.12.01 or later

Long-term hardening

HARDENING: Restrict local access to engineering workstations running ISPSoft; limit user accounts and physical access
HARDENING: Implement email security controls and user security awareness training to reduce risk of social engineering and malware delivery