The NCCIC has released an advisory on out-of-bounds read, heap-based buffer overflow, and stack-based buffer overflow vulnerabilities in Delta Industrial Automation DOPSoft. Versions 4.00.04 and prior are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to read sensitive information, execute arbitrary code, and/or crash the application. Delta Electronics recommends affected users update to the latest version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!