Delta Electronics DTN Soft

Plan PatchCVSS 7.8ICS-CERT ICSA-25-210-03Jul 29, 2025

Delta Electronics

Attack path

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Delta Electronics DTN Soft contains a vulnerability (CWE-502) that allows arbitrary code execution through a specially crafted project file. The vulnerability affects DTN Soft versions prior to 2.1.0. Exploitation requires local access and user interaction to open a malicious project file.

What this means

What could happen

An attacker could execute arbitrary code on a workstation running DTN Soft by delivering a malicious project file, potentially compromising the engineering station and allowing modification or disruption of DTN control system configurations.

Who's at risk

Organizations operating Delta Electronics DTN Soft-based automation systems should prioritize this, particularly those with DTN Soft engineering workstations that may receive project files from external sources or that have staff working remotely.

How it could be exploited

An attacker crafts a malicious DTN Soft project file and delivers it to an operator or engineer (via email, removable media, or file sharing). When the victim opens the file in DTN Soft, the attacker's code executes on the engineering workstation with the privileges of the user running the application.

Prerequisites

Local access or ability to deliver a file to an engineering workstation
User must open a malicious project file in DTN Soft
DTN Soft version prior to 2.1.0 must be installed

Low attack complexityRequires user interactionCan compromise engineering workstationsLocal exploitation vector only

Exploitability

Some exploitation risk — EPSS score 2.0%

Affected products (1)

ProductAffected VersionsFix Status

DTN Soft: <=2.1.0≤ 2.1.02.1.0+

Remediation & Mitigation

0/5

Do now

0/2

HARDENINGTrain operators and engineers not to open project files from untrusted sources or unexpected communications

HARDENINGImplement email controls to block or quarantine project files (.dtn or equivalent extensions) from external sources

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate DTN Soft to version 2.1.0 or later

HOTFIXUpdate DTM Soft to version 1.6.0.0 or later if installed

Long-term hardening

0/1

HARDENINGIsolate engineering workstations from internet access and restrict file transfer mechanisms from external networks

CVEs (1)

CVE-2025-53416

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/66b0e66e-e210-45f7-80ae-6d5b81c6d385

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.