CVE-2020-16203

HIGH

Delta Industrial Automation CNCSoft ScreenEditor <1.01.23 - RCE

Title source: llm

Description

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.

References (2)

[Patch, Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsa-20-217-01

[Third Party Advisory, VDB Entry] https://www.zerodayinitiative.com/advisories/ZDI-20-948/

Scores

CVSS v3 7.8

EPSS 0.0021

EPSS Percentile 42.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-824

Status published

Products (1)

deltaww/cncsoft_screeneditor < 1.01.23

Published Aug 04, 2020

Tracked Since Feb 18, 2026