CVE-2022-4634

HIGH

Delta Electronic's CNCSoft <1.01.34 - Buffer Overflow

Title source: llm

Description

All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.

References (1)

Core 1

Core References

Patch, Third Party Advisory, US Government Resource

https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-01

Scores

CVSS v3 7.8

EPSS 0.0019

EPSS Percentile 41.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-121 CWE-787

Status published

Products (2)

deltaww/cncsoft < 1.01.34

deltaww/screeneditor < 1.01.5

Published Feb 03, 2023

Tracked Since Feb 18, 2026