Delta Electronics CNCSoft-B
Plan Patch
CVSS 7.8
ICS-CERT ICSA-21-110-05
Apr 20, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
CNCSoft-B versions 1.0.0.3 and earlier contain buffer overflow vulnerabilities (CWE-125, CWE-787) that can be exploited for arbitrary code execution. The vulnerabilities require local access and user interaction, and are not remotely exploitable. Successful exploitation could allow an attacker to run arbitrary code within the CNCSoft-B application context.
What this means
What could happen
An attacker with local access to a machine running CNCSoft-B could execute arbitrary code with the privileges of the user running the application, potentially allowing them to modify CNC program logic, alter machine parameters, or disrupt manufacturing operations.
Who's at risk
Manufacturing facilities and machine shops using Delta Electronics CNCSoft-B for CNC programming and control on Windows engineering workstations. This affects any operator or programmer who uses CNCSoft-B to develop or modify CNC machine programs.
How it could be exploited
The vulnerability requires local access to the affected system and user interaction (clicking a link or opening a malicious file). Once triggered, the attacker can execute arbitrary code within the application context, potentially gaining control over the CNC software and any connected machinery.
Prerequisites
- Local access to the machine running CNCSoft-B
- User interaction required (clicking a link or opening a file)
- CNCSoft-B version 1.0.0.3 or earlier installed
- Local access required
- User interaction required
- Low attack complexity
- No known public exploits
- Low EPSS score (0.4%)
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product      Affected Versions   Fix Status
CNCSoft-B    ≤ 1.0.0.3           1.0.0.4
Remediation & Mitigation
Do now
HARDENING: Educate users on recognizing and avoiding email phishing and social engineering attacks to reduce the risk of local exploitation
Schedule — requires maintenance window
Patching may require a device reboot — plan for process interruption
HOTFIX: Update CNCSoft-B to version 1.0.0.4 or later on all affected systems
Long-term hardening
HARDENING: Implement network segmentation to limit lateral movement if a CNCSoft-B workstation is compromised
HARDENING: Apply defense-in-depth strategies, including restricting local admin privileges on engineering workstations running CNCSoft-B
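The HOTFIX step above calls for updating every affected system, which first requires knowing which workstations still run CNCSoft-B 1.0.0.3 or earlier. The following PowerShell inventory check is an added example and is not part of the advisory or Delta Electronics' own tooling. It assumes the product registers in the standard Windows Uninstall registry keys with a DisplayName containing "CNCSoft-B" and a dotted DisplayVersion; both the name pattern and the version layout are assumptions to verify against one known install before relying on the result.

```powershell
# Added example (not from the advisory): find CNCSoft-B installs below the fixed version.
# Assumptions: DisplayName contains "CNCSoft-B" and DisplayVersion is a dotted version string.

$FixedVersion = [version]'1.0.0.4'   # fixed version per ICSA-21-110-05
$NamePattern  = 'CNCSoft-B'          # assumed DisplayName substring; adjust if your install differs

# Standard Uninstall hives: 64-bit, 32-bit (WOW6432Node) and per-user installs
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-CncSoftBStatus {
    param([string]$ComputerName = $env:COMPUTERNAME)

    $found = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like "*$NamePattern*" -and $_.DisplayVersion }

    if (-not $found) {
        # Not installed: nothing to patch on this host
        return [pscustomobject]@{
            Computer = $ComputerName; Installed = $false; Version = $null; Vulnerable = $false
        }
    }

    foreach ($app in $found) {
        $ver = $null
        $parsed = [version]::TryParse($app.DisplayVersion, [ref]$ver)
        # Versions <= 1.0.0.3 are affected, i.e. anything strictly below the 1.0.0.4 fix.
        # An unparseable version is reported as $null so it is reviewed by hand rather than ignored.
        [pscustomobject]@{
            Computer   = $ComputerName
            Installed  = $true
            Version    = $app.DisplayVersion
            Vulnerable = if ($parsed) { $ver -lt $FixedVersion } else { $null }
        }
    }
}

# Run locally on an engineering workstation
Get-CncSoftBStatus | Format-Table -AutoSize
```

To sweep a fleet, wrap the function in Invoke-Command against the list of engineering workstations and export the objects with Export-Csv; any row with Vulnerable set to True or $null goes onto the maintenance-window schedule above, since the patch may require a reboot.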
CVEs (2)