Delta Electronics CNCSoft-B DOPSoft

Plan Patch7.8ICS-CERT ICSA-23-157-01Jun 6, 2023

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Buffer overflow vulnerabilities exist in Delta Electronics CNCSoft-B DOPSoft versions prior to 4.0.0.82. Successful exploitation requires local access and user interaction (opening a malicious file). An attacker could execute arbitrary code on the engineering workstation, potentially leading to unauthorized modification of PLC programs, HMI configurations, or theft of control system credentials. No public exploits are known, and the vulnerabilities are not remotely exploitable.

What this means

What could happen

A local attacker with user interaction could exploit a buffer overflow in CNCSoft-B to run arbitrary code on an engineering workstation, potentially allowing them to modify PLC programs, HMI configurations, or steal credentials for control system access.

Who's at risk

Delta Electronics CNCSoft-B users, particularly those in manufacturing, water/wastewater, and power generation facilities who use DOPSoft for HMI and PLC programming. This affects engineering and programming workstations connected to or supporting Delta control systems (PLCs, HMIs, motion controllers).

How it could be exploited

An attacker must trick a user into opening a malicious file (e.g., project file, configuration file) in CNCSoft-B on an engineering workstation. The buffer overflow in file parsing code would then execute attacker-controlled code in the context of the workstation user. From there, the attacker could access connected PLCs or HMIs on the control network.

Prerequisites

Local access to or ability to send a malicious file to an engineering workstation running CNCSoft-B
User interaction required to open the malicious file
CNCSoft-B version prior to 4.0.0.82 installed on the workstation

Buffer overflow vulnerabilityLocal exploitation requiredUser interaction requiredAffects engineering workstationsCould lead to unauthorized control system modification

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (1)

ProductAffected VersionsFix Status

CNCSoft-B DOPSoft: < 4.0.0.82< 4.0.0.824.0.0.82

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDDisable file auto-open or preview features in CNCSoft-B if available, and train users not to open files from untrusted sources

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate CNCSoft-B to version 4.0.0.82 or later

Long-term hardening

0/3

HARDENINGImplement network segmentation to isolate engineering workstations running CNCSoft-B from the internet and untrusted networks

HARDENINGPlace control system networks behind firewalls and restrict access to engineering stations from outside the facility

HARDENINGIf remote engineering access is needed, require VPN with multi-factor authentication

CVEs (3)

CVE-2023-25177 CVE-2023-24014 CVE-2023-4685

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/981649c4-0c9d-490c-bed2-7298d9f98b97