OTPulse

Delta Electronics CNCSoft-G2

Plan Patch · CVSS 7.8 · ICS-CERT ICSA-25-308-03 · Nov 4, 2025
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required

Summary

Delta Electronics CNCSoft-G2 versions 2.1.0.27 and earlier contain a stack buffer overflow vulnerability (CWE-121) that allows attackers to execute arbitrary code in the context of the current process. Exploitation requires local access and user interaction (opening untrusted content or clicking malicious links).

What this means
What could happen
An attacker could execute arbitrary code on a workstation running CNCSoft-G2, potentially compromising engineering data, process logic, or control functions if the workstation is used to configure or program industrial equipment.
Who's at risk
Engineering and maintenance personnel at utilities and industrial facilities who use Delta Electronics CNCSoft-G2 for configuring or troubleshooting control systems and programmable logic controllers (PLCs). This includes water authorities, electric utilities, and manufacturing plants that rely on Delta automation equipment.
How it could be exploited
An attacker would need to trick a user who has CNCSoft-G2 running into opening a malicious file or clicking an untrusted link (e.g., via a phishing email). Once triggered, the buffer overflow in CNCSoft-G2 could allow code execution with the privileges of the user running the software.
Prerequisites
  • CNCSoft-G2 version 2.1.0.27 or earlier installed on workstation
  • Local or network access to the workstation
  • User interaction required: victim must open untrusted attachment or click malicious link
Low complexity · Local access required · User interaction required · Stack buffer overflow · Affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
CNCSoft-G2: <=2.1.0.27 | ≤ 2.1.0.27 | 2.1.0.34
Remediation & Mitigation
Do now
HARDENING: Do not click on untrusted Internet links or open unsolicited email attachments
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update CNCSoft-G2 to version 2.1.0.34 or later
Long-term hardening
HARDENING: Isolate engineering workstations running CNCSoft-G2 from the Internet and business networks when not in use for remote configuration
HARDENING: If remote access to engineering workstations is required, use a VPN with the most current patches and configurations