Delta Electronics DTM Soft
Plan Patch · 7.8 · ICS-CERT ICSA-24-354-03 · Dec 19, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Delta Electronics DTM Soft versions 1.30 and earlier contain a deserialization vulnerability (CWE-502) that allows local attackers to execute arbitrary code when a user interacts with specially crafted input. The vulnerability is not remotely exploitable and requires local access to the device. No public exploitation has been reported. Delta Electronics has released version 1.60 to address this issue.
What this means
What could happen
An attacker with local access to a device running DTM Soft could execute arbitrary code, potentially allowing them to alter or disrupt the device's control functions or steal sensitive data.
Who's at risk
Organizations using Delta Electronics DTM Soft for industrial process control or monitoring should prioritize this update. DTM Soft is commonly used in manufacturing, power generation, and utility automation environments where it manages or monitors critical equipment.
How it could be exploited
An attacker must first gain local access to a device running DTM Soft (e.g., via physical access, malware, or lateral movement on a compromised workstation). Once local, the attacker can exploit the deserialization vulnerability (CWE-502) to execute arbitrary code with the privileges of the DTM Soft application.
Prerequisites
- Local access to a device running vulnerable DTM Soft
- User interaction required (must open or interact with a malicious input)
- DTM Soft version 1.30 or earlier
- Local access required but user interaction needed
- No authentication bypass
- High impact (code execution)
- Affects automation/control software
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
DTM Soft: <=1.30 | ≤ 1.30 | 1.60
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update DTM Soft to version 1.60 or later
Long-term hardening
HARDENING: Isolate DTM Soft systems and control system networks from business networks using firewalls
HARDENING: Ensure DTM Soft devices are not accessible from the internet
HARDENING: If remote access is required, use a VPN with current security updates
CVEs (1)