Sign-up

ID

VAR-202407-0233


CVE

CVE-2024-39880


TITLE

Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Trust: 7.0

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926

DESCRIPTION

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, a Chinese company

Trust: 12.15

sources: NVD: CVE-2024-39880 // ZDI: ZDI-24-943 // ZDI: ZDI-24-920 // ZDI: ZDI-24-917 // ZDI: ZDI-24-918 // ZDI: ZDI-24-919 // ZDI: ZDI-24-922 // ZDI: ZDI-24-921 // ZDI: ZDI-24-924 // ZDI: ZDI-24-944 // ZDI: ZDI-24-929 // ZDI: ZDI-24-932 // ZDI: ZDI-24-939 // ZDI: ZDI-24-935 // ZDI: ZDI-24-936 // ZDI: ZDI-24-937 // ZDI: ZDI-24-940 // ZDI: ZDI-24-926 // CNVD: CNVD-2024-32986

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-32986

AFFECTED PRODUCTS

vendor:deltamodel:cncsoft-g2scope: - version: -

Trust: 11.9

vendor:deltawwmodel:cncsoft-g2scope:eqversion:2.0.0.5

Trust: 1.0

vendor:deltamodel:electronics cncsoft-g2scope:eqversion:2.0.0.5

Trust: 0.6

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920 // CNVD: CNVD-2024-32986 // NVD: CVE-2024-39880

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2024-39880
value: HIGH

Trust: 11.9

nvd@nist.gov: CVE-2024-39880
value: HIGH

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2024-39880
value: HIGH

Trust: 1.0

CNVD: CNVD-2024-32986
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-32986
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

ZDI: CVE-2024-39880
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 11.9

nvd@nist.gov: CVE-2024-39880
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2024-39880
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920 // CNVD: CNVD-2024-32986 // NVD: CVE-2024-39880 // NVD: CVE-2024-39880

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2024-39880

PATCH

title:Delta Electronics has issued an update to correct this vulnerability.url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01

Trust: 11.9

title:Patch for Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability (CNVD-2024-32986)url:https://www.cnvd.org.cn/patchInfo/show/571021

Trust: 0.6

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920 // CNVD: CNVD-2024-32986

EXTERNAL IDS

db:NVDid:CVE-2024-39880

Trust: 13.5

db:ICS CERTid:ICSA-24-191-01

Trust: 1.6

db:ZDI_CANid:ZDI-CAN-23916

Trust: 0.7

db:ZDIid:ZDI-24-944

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23915

Trust: 0.7

db:ZDIid:ZDI-24-943

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23841

Trust: 0.7

db:ZDIid:ZDI-24-940

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23811

Trust: 0.7

db:ZDIid:ZDI-24-937

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23809

Trust: 0.7

db:ZDIid:ZDI-24-936

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23807

Trust: 0.7

db:ZDIid:ZDI-24-935

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23832

Trust: 0.7

db:ZDIid:ZDI-24-939

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23767

Trust: 0.7

db:ZDIid:ZDI-24-932

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23764

Trust: 0.7

db:ZDIid:ZDI-24-929

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23581

Trust: 0.7

db:ZDIid:ZDI-24-926

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23579

Trust: 0.7

db:ZDIid:ZDI-24-924

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23576

Trust: 0.7

db:ZDIid:ZDI-24-921

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23577

Trust: 0.7

db:ZDIid:ZDI-24-922

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23574

Trust: 0.7

db:ZDIid:ZDI-24-919

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23573

Trust: 0.7

db:ZDIid:ZDI-24-918

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23572

Trust: 0.7

db:ZDIid:ZDI-24-917

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-23575

Trust: 0.7

db:ZDIid:ZDI-24-920

Trust: 0.7

db:CNVDid:CNVD-2024-32986

Trust: 0.6

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920 // CNVD: CNVD-2024-32986 // NVD: CVE-2024-39880

REFERENCES

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01

Trust: 13.5

sources: ZDI: ZDI-24-944 // ZDI: ZDI-24-943 // ZDI: ZDI-24-940 // ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920 // CNVD: CNVD-2024-32986 // NVD: CVE-2024-39880

CREDITS

Natnael Samson (@NattiSamson)

Trust: 9.8

sources: ZDI: ZDI-24-937 // ZDI: ZDI-24-936 // ZDI: ZDI-24-935 // ZDI: ZDI-24-939 // ZDI: ZDI-24-932 // ZDI: ZDI-24-929 // ZDI: ZDI-24-926 // ZDI: ZDI-24-924 // ZDI: ZDI-24-921 // ZDI: ZDI-24-922 // ZDI: ZDI-24-919 // ZDI: ZDI-24-918 // ZDI: ZDI-24-917 // ZDI: ZDI-24-920

SOURCES

db:ZDIid:ZDI-24-944
db:ZDIid:ZDI-24-943
db:ZDIid:ZDI-24-940
db:ZDIid:ZDI-24-937
db:ZDIid:ZDI-24-936
db:ZDIid:ZDI-24-935
db:ZDIid:ZDI-24-939
db:ZDIid:ZDI-24-932
db:ZDIid:ZDI-24-929
db:ZDIid:ZDI-24-926
db:ZDIid:ZDI-24-924
db:ZDIid:ZDI-24-921
db:ZDIid:ZDI-24-922
db:ZDIid:ZDI-24-919
db:ZDIid:ZDI-24-918
db:ZDIid:ZDI-24-917
db:ZDIid:ZDI-24-920
db:CNVDid:CNVD-2024-32986
db:NVDid:CVE-2024-39880

LAST UPDATE DATE

2024-12-21T23:03:12.995000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-24-944date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-943date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-940date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-937date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-936date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-935date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-939date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-932date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-929date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-926date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-924date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-921date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-922date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-919date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-918date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-917date:2024-08-15T00:00:00
db:ZDIid:ZDI-24-920date:2024-08-15T00:00:00
db:CNVDid:CNVD-2024-32986date:2024-07-17T00:00:00
db:NVDid:CVE-2024-39880date:2024-08-29T17:38:18.727

SOURCES RELEASE DATE

db:ZDIid:ZDI-24-944date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-943date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-940date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-937date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-936date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-935date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-939date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-932date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-929date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-926date:2024-07-31T00:00:00
db:ZDIid:ZDI-24-924date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-921date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-922date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-919date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-918date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-917date:2024-07-22T00:00:00
db:ZDIid:ZDI-24-920date:2024-07-22T00:00:00
db:CNVDid:CNVD-2024-32986date:2024-07-17T00:00:00
db:NVDid:CVE-2024-39880date:2024-07-09T22:15:02.740