Skip to main content
Cybersecurity

Delta Electronics CNCSoft-G2: Revolutionizing CNC Control Solutions

Delta Electronics CNCSoft-G2: Revolutionizing CNC Control Solutions

Technical Report on Delta Electronics CNCSoft-G2 Vulnerability

1. EXECUTIVE SUMMARY

  • CVSS v4 Score: 8.5
  • Attack Complexity: Low
  • Vendor: Delta Electronics
  • Product: CNCSoft-G2
  • Vulnerability Type: Heap-based Buffer Overflow

2. RISK EVALUATION

The identified vulnerability in Delta Electronics’ CNCSoft-G2 could allow an attacker to execute arbitrary code remotely, posing significant risks to operational integrity and security. The potential for exploitation necessitates immediate attention from users and stakeholders in critical sectors.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Delta Electronics has confirmed that the following versions of CNCSoft-G2 are vulnerable:

  • CNCSoft-G2: Versions V2.1.0.10 and earlier

3.2 VULNERABILITY OVERVIEW

3.2.1 HEAP-BASED BUFFER OVERFLOW CWE-122

The CNCSoft-G2 software lacks adequate validation of user-supplied data length before copying it to a fixed-length heap-based buffer. This oversight allows attackers to exploit the vulnerability by tricking users into accessing malicious content, leading to potential code execution within the context of the affected process.

The vulnerability has been cataloged under CVE-2025-22881, with a CVSS v3.1 base score of 7.8 and a CVSS v4 score of 8.5, indicating a high severity level. The CVSS vector strings for both versions provide detailed metrics on the attack vectors and potential impacts.

3.3 BACKGROUND

  • CRITICAL INFRASTRUCTURE SECTORS: Energy, Critical Manufacturing
  • DEPLOYMENT: Worldwide
  • HEADQUARTERS: Taiwan

3.4 RESEARCHER

This vulnerability was reported to the Cybersecurity and Infrastructure Security Agency (CISA) by Trend Micro’s Zero Day Initiative, highlighting the collaborative efforts in identifying and mitigating cybersecurity threats.

4. MITIGATIONS

Delta Electronics advises users to upgrade to CNCSoft-G2 v2.1.0.20 or later to mitigate the risk associated with this vulnerability. Additionally, a product cybersecurity advisory has been published, detailing the issue and recommended actions.

To enhance cybersecurity posture, Delta Electronics recommends the following practices:

  • Exercise caution: Avoid clicking on untrusted links or opening unsolicited email attachments.
  • Network security: Do not expose control systems to the Internet; use firewalls to isolate systems from business networks.
  • Remote access: When necessary, utilize secure methods such as VPNs for remote connections.

CISA also emphasizes the importance of conducting thorough impact analyses and risk assessments before implementing defensive measures. Organizations are encouraged to adopt recommended cybersecurity strategies to proactively defend their industrial control systems (ICS) assets.

While no public exploitation of this vulnerability has been reported, it is crucial for organizations to remain vigilant and report any suspicious activities to CISA for further investigation.

5. UPDATE HISTORY

  • March 4, 2025: Initial Publication