Delta Electronics CNCSoft ScreenEditor
Plan Patch7.8ICS-CERT ICSA-21-124-02May 4, 2021
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
CNCSoft ScreenEditor versions before 1.01.30 contain an out-of-bounds write vulnerability (CWE-787) that can be triggered by opening a specially crafted file. Successful exploitation could crash the application or allow arbitrary code execution on the workstation. The vulnerability requires user interaction to open a malicious file, typically via social engineering or email attachment.
What this means
What could happen
An attacker who tricks a user into opening a malicious file could crash CNCSoft ScreenEditor or execute arbitrary code on the engineering workstation, potentially affecting downstream control systems that depend on the software for configuration and monitoring.
Who's at risk
Engineering and automation teams at utilities, manufacturers, and facilities that use Delta Electronics CNCSoft ScreenEditor to configure and manage industrial control systems. This includes power plants, water treatment facilities, HVAC systems, and manufacturing lines that rely on CNCSoft for PLC and motion controller configuration.
How it could be exploited
An attacker crafts a specially formatted file (such as a project file or document) and delivers it via email or social engineering. When a user opens the file in CNCSoft ScreenEditor, an out-of-bounds write occurs in memory, allowing the attacker to execute arbitrary code with the privileges of the logged-in user.
Prerequisites
- User interaction required: victim must open the malicious file in CNCSoft ScreenEditor
- File must be in a format CNCSoft ScreenEditor can parse
- Attacker must have a delivery mechanism (email, USB, file share)
User interaction required (reduces remote exploit likelihood but increases social engineering risk)Potential code execution on engineering workstationAffects configuration tool (could compromise downstream control systems if workstation is trusted)CVSS 7.8 (high)
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
ProductAffected VersionsFix Status
CNCSoft ScreenEditor:< 1.01.301.01.30
Remediation & Mitigation
0/3
Do now
0/2WORKAROUNDRestrict the ability to open CNCSoft ScreenEditor project files to trusted sources only; disable opening files from untrusted locations or disable the feature if not operationally necessary
HARDENINGTrain users not to open unsolicited email attachments and to verify the source of any files before opening in engineering tools
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate CNCSoft ScreenEditor to version 1.01.30 or later on all engineering workstations
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/c70a875a-a1fa-4549-bb6c-21e1ca09f881