Delta Electronics DIAScreen
Priority: Plan Patch
CVSS: 7.8
ICS-CERT: ICSA-24-312-02
Published: Nov 7, 2024
Delta Electronics
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
DIAScreen versions prior to v1.5.0 contain a buffer overflow vulnerability that could allow code execution. The vulnerability is triggered through social engineering (malicious links or attachments) and requires local access to the system. No public exploitation has been reported.
What this means
What could happen
A buffer overflow in DIAScreen could allow an attacker with local access to execute arbitrary commands on the device, potentially disrupting control screen operations or accessing sensitive data displayed on the screen.
Who's at risk
Organizations running Delta Electronics DIAScreen monitoring and visualization software are affected. This impacts water utilities, power systems, and other industrial facilities that use DIAScreen for control screen display and operator interfaces.
How it could be exploited
An attacker must have local access to a system running DIAScreen and trick a user into clicking a malicious link or opening a crafted attachment. Upon successful exploitation of the buffer overflow, the attacker gains code execution with the privileges of the logged-in user.
Prerequisites
- Local access to the DIAScreen system
- User interaction required (clicking link or opening attachment)
- DIAScreen version below v1.5.0
Tags:
- Buffer overflow vulnerability
- Low attack complexity
- User interaction required
- Local access only
Exploitability
Some exploitation risk — EPSS score 2.0%
Affected products (1)
Product | Affected Versions | Fix Status
DIAScreen | <v1.5.0 | Fixed in v1.5.0
Remediation & Mitigation
- Schedule: requires a maintenance window. Patching may require a device reboot; plan for process interruption.
- Hotfix: update DIAScreen to version v1.5.0 or later on all affected systems.
API: /api/v1/advisories/762e2fb1-89fb-490e-865b-33ac1e4090e8