CVE-2020-27281

HIGH

Delta Electronics CNCSoft ScreenEditor <1.01.26 - Buffer Overflow

Title source: llm
STIX 2.1

Description

A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-005-06
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-039/

Scores

CVSS v3 7.8
EPSS 0.0037
EPSS Percentile 58.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
deltaww/cncsoft_screeneditor < 1.01.26
Published Jan 11, 2021
Tracked Since Feb 18, 2026