Delta Electronics CNCSoft-G2
Plan Patch · CVSS 7.8 · ICS-CERT ICSA-25-308-03 · Nov 4, 2025
Delta Electronics
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
A stack buffer overflow vulnerability exists in Delta Electronics CNCSoft-G2 software versions 2.1.0.27 and earlier. Successful exploitation allows arbitrary code execution in the context of the current process. The vulnerability requires local file system access and user interaction to open a malicious file. This is not remotely exploitable. Delta Electronics has released a fix in version 2.1.0.34.
What this means
What could happen
An attacker with local file access could execute arbitrary code on the machine running CNCSoft-G2, potentially gaining control over the CNC software and any connected industrial equipment or processes it manages.
Who's at risk
Organizations operating Delta Electronics CNCSoft-G2 software for CNC machine control and manufacturing automation should prioritize this update. This includes machining shops, automotive suppliers, aerospace manufacturers, and any facility using Delta CNCs for process control.
How it could be exploited
An attacker must trick a user into opening a malicious file (such as a crafted document or archive) on the machine running CNCSoft-G2. When the file is processed, the vulnerability allows code execution in the context of the software process. This requires physical proximity or prior compromise of a file share accessible to the CNCSoft-G2 workstation.
Prerequisites
- Local file system access to the CNCSoft-G2 workstation
- User interaction required - victim must open or process a malicious file
- CNCSoft-G2 software must be installed and running on the target machine
- Stack buffer overflow (CWE-121) - memory corruption risk
- High CVSS score (7.8)
- User interaction required - social engineering vector
- Local exploitation only - reduces immediate external risk
- Affects manufacturing control software
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (1)
Product | Affected Versions | Fix Status
CNCSoft-G2: <=2.1.0.27 | ≤ 2.1.0.27 | 2.1.0.34
Remediation & Mitigation
Do now
- HARDENING: Restrict file share access to CNCSoft-G2 workstations to authorized users only
- HARDENING: Disable email attachments and file downloads on CNCSoft-G2 workstations, or disable email clients entirely if not required for operation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update CNCSoft-G2 to version 2.1.0.34 or later
Long-term hardening
- HARDENING: Restrict network access to CNCSoft-G2 workstations and isolate them from the business network
- HARDENING: Train operators not to open unsolicited file attachments or click on untrusted links on CNCSoft-G2 workstations
CVEs (1)