You are here

Delta Electronics Delta Industrial Automation COMMGR (ICSA-18-172-01) – Product Used in the Energy Sector

Delta Electronics Delta Industrial Automation COMMGR (ICSA-18-172-01) – Product Used in the Energy Sector

Created: Tuesday, June 26, 2018 - 07:59
Categories:
Cybersecurity

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Delta Electronics Delta Industrial Automation COMMGR. COMMGR Version 1.08 and prior are affected. Successful exploitation of this vulnerability may allow remote code execution, cause the application to crash, or cause a denial-of-service condition in the application server. Delta Electronics has released COMMGR v1.09 to address this vulnerability and recommends users upgrade. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.