CVE-2017-16745
HIGHDelta Industrial Automation Screen Editor < 2.00.23.00 - Remote Code Execution via Crafted .dpb File
Title source: llmDescription
A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing specially crafted .dpb files.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-004-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/102426
Scores
CVSS v3
7.8
EPSS
0.0109
EPSS Percentile
60.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-843
CWE-704
Status
published
Products (1)
deltaww/delta_industrial_automation_screen_editor
< 2.00.23.00
Published
Mar 15, 2018
Tracked Since
Feb 18, 2026