Delta Electronics COMMGR

Plan PatchCVSS 8.6ICS-CERT ICSA-25-240-05Aug 28, 2025

Delta Electronics

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Delta Electronics COMMGR versions 2.9.0 and earlier contain a stack buffer overflow and code injection vulnerability that could allow an attacker to execute arbitrary code. The vulnerability affects COMMGR communications management software used in industrial control systems.

What this means

What could happen

An attacker could execute arbitrary code on Delta COMMGR systems, potentially allowing them to alter control logic, modify setpoints, or disrupt communications in industrial automation environments.

Who's at risk

Operations managers and engineers using Delta COMMGR in manufacturing facilities, power plants, water systems, and other critical infrastructure where Delta automation controllers manage process communications and data logging.

How it could be exploited

An attacker with network access to a COMMGR device could exploit a stack buffer overflow or code injection vulnerability to run arbitrary commands with the privileges of the COMMGR process. This could occur through malicious network traffic or by convincing a user to interact with a crafted payload.

Prerequisites

Network access to the COMMGR device on port 80, 443, or the service port
COMMGR version 2.9.0 or earlier

remotely exploitableno authentication requiredlow complexityarbitrary code executionaffects industrial control communications

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

COMMGR: <=v2.9.0≤ v2.9.0v2.10.0

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGIsolate COMMGR from direct internet exposure and place behind a firewall

HARDENINGRestrict network access to COMMGR to only authorized engineering workstations and control systems

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate COMMGR to version 2.10.0 or later

HARDENINGIf remote access to COMMGR is required, enforce use of a VPN with strong authentication

CVEs (2)

CVE-2025-53418 CVE-2025-53419

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/ab33a847-409a-46e8-a73b-e12a976dd7c9

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.