Delta Electronics CNCSoft-G2
Plan Patch | CVSS 7.8 | ICS-CERT ICSA-25-240-04 | Aug 28, 2025
Delta Electronics
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Delta Electronics CNCSoft-G2 versions 2.1.0.20 and earlier contain an out-of-bounds write vulnerability (CWE-787) that allows local attackers to execute arbitrary code on systems running the software. Successful exploitation requires user interaction to open or process a specially crafted file. The vulnerability is not remotely exploitable.
What this means
What could happen
An attacker with local access to a machine running CNCSoft-G2 could execute arbitrary code through a crafted file, potentially compromising CNC software integrity and enabling manipulation of machining operations or data theft from the control software.
Who's at risk
CNC machine operators and manufacturers using Delta Electronics CNCSoft-G2 software for machining control and programming should care. This affects facilities relying on the software for production control, including job shops, contract manufacturers, and precision metal/composites fabricators.
How it could be exploited
An attacker must be able to interact with the local system running CNCSoft-G2 (via physical access, a compromised network share, or a tricked user). The attacker creates a malformed input or file that triggers the out-of-bounds write when the application processes it. This allows code execution in the context of the running application.
Prerequisites
- Local access to the system running CNCSoft-G2
- User interaction (the user must open or process a crafted file)
- CNCSoft-G2 version 2.1.0.20 or earlier running on the system
no authentication required | low complexity | user interaction required | local access only
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (1)
Product | Affected Versions | Fix Status
CNCSoft-G2: <=2.1.0.20 | ≤ 2.1.0.20 | 2.1.0.27
Remediation & Mitigation
Do now
WORKAROUND: Restrict file share access and disable network shares hosting CNCSoft-G2 files on untrusted network segments
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update CNCSoft-G2 to version 2.1.0.27 or later
Long-term hardening
HARDENING: Train users not to open untrusted files or click links from unsolicited emails that may deliver malicious files targeting CNCSoft-G2
CVEs (1)