PatchSiren cyber security CVE debrief
CVE-2024-7502 Delta Electronics CVE debrief
A stack-based buffer overflow vulnerability in Delta Electronics DIAScreen allows arbitrary code execution when the software parses a maliciously crafted DPA project file. The vulnerability, published 2024-08-06, carries a HIGH severity CVSS 7.8 score; the attack vector is local and requires user interaction, in practice a user opening the crafted file in DIAScreen. Delta Electronics has released version 1.4.2 to address this issue.
- Vendor: Delta Electronics
- Product: DIAScreen
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-08-06
- Original CVE updated: 2024-08-06
- Advisory published: 2024-08-06
- Advisory updated: 2024-08-06
Who should care
Organizations operating Delta Electronics DIAScreen in industrial automation environments, particularly manufacturing facilities using Delta PLCs and HMI systems. OT security teams, ICS asset owners, and system integrators deploying DIAScreen for machine interface configuration should prioritize patching. Because exploitation requires a user to open a crafted file, sites where DPA project files are routinely exchanged (with integrators by email, on removable media, via shared drives, or from personally owned devices) face elevated risk.
Technical summary
CVE-2024-7502 is a stack-based buffer overflow in Delta Electronics DIAScreen HMI configuration software. The vulnerability exists in DPA file parsing, where insufficient bounds checking allows a crafted file to overflow a fixed-size stack buffer. Successful exploitation yields arbitrary code execution with the privileges of the user running DIAScreen; if that user is an administrator on the engineering workstation, full control of the workstation follows. The CVSS 3.1 score of 7.8 (HIGH) reflects a local attack vector, low attack complexity, no privileges required, and user interaction required (opening the malicious DPA file), with high impact to confidentiality, integrity, and availability. Delta Electronics has remediated this in version 1.4.2.
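The following is an added illustration of the bug class the summary describes, not DIAScreen code: the real DPA layout is not published here, so the record format used below (a 2-byte little-endian name length followed by the name bytes) and the function names are assumptions. It places the unchecked copy into a fixed-size stack buffer beside the bounds-checked form, which rejects a length the buffer cannot hold and a length the file does not actually contain.

```c
/* Added illustration, not DIAScreen code. The record layout (2-byte LE length,
 * then name bytes) is an assumption chosen to show the bug class and its fix. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 64   /* fixed-size stack buffer the parser copies into */

static uint16_t read_le16(const uint8_t *p) {
    return (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
}

/* Vulnerable form: the length field read from the file drives the copy and is
 * never compared against the buffer size or the bytes actually present. */
int parse_name_unsafe(const uint8_t *rec, size_t rec_len,
                      char *out, size_t out_len) {
    char name[NAME_MAX];
    if (rec_len < 2 || out_len == 0) return -1;
    uint16_t n = read_le16(rec);
    memcpy(name, rec + 2, n);   /* BUG: n may be up to 65535, name holds 64 */
    name[n] = '\0';             /* BUG: terminator can also land past the buffer */
    snprintf(out, out_len, "%s", name);
    return (int)n;
}

/* Hardened form: reject any length the destination or the input cannot hold. */
int parse_name_safe(const uint8_t *rec, size_t rec_len,
                    char *out, size_t out_len) {
    char name[NAME_MAX];
    if (rec_len < 2 || out_len == 0) return -1;
    uint16_t n = read_le16(rec);
    if (n >= NAME_MAX) return -1;           /* must leave room for the terminator */
    if ((size_t)n > rec_len - 2) return -1; /* field claims bytes the file lacks */
    memcpy(name, rec + 2, n);
    name[n] = '\0';
    snprintf(out, out_len, "%s", name);
    return (int)n;
}

/* Runs a parser on a record; returns the parser's result, or -2 if parsing
 * succeeded but the name does not match what the caller expected. */
int run_parser(int (*parse)(const uint8_t *, size_t, char *, size_t),
               const uint8_t *rec, size_t rec_len, const char *expect) {
    char out[NAME_MAX];
    int n = parse(rec, rec_len, out, sizeof out);
    if (n >= 0 && expect != NULL && strcmp(out, expect) != 0) return -2;
    return n;
}

/* Constructed sample records (not taken from any real file). */
const uint8_t REC_OK[]  = { 0x05, 0x00, 'P', 'U', 'M', 'P', '1' };   /* length 5 */
const uint8_t REC_BAD[] = { 0x00, 0x04, 'X', 'X', 'X', 'X' };        /* length 1024 */

int main(void) {
    printf("safe parser, well-formed record: %d\n",
           run_parser(parse_name_safe, REC_OK, sizeof REC_OK, "PUMP1"));
    printf("safe parser, oversized length:   %d (rejected)\n",
           run_parser(parse_name_safe, REC_BAD, sizeof REC_BAD, NULL));
    /* parse_name_unsafe(REC_BAD, ...) is deliberately never called: it would
     * write 1024 bytes over a 64-byte stack frame, the reported bug class. */
    return 0;
}
```

The two checks in the hardened form are independent: the first protects the stack buffer, the second protects against a length field that points past the end of the file data, which would otherwise read out of bounds even when the copy itself fits.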
Defensive priority
HIGH
Recommended defensive actions
- Upgrade Delta Electronics DIAScreen to version 1.4.2 or later on all affected systems.
- Run DIAScreen under a standard (non-administrator) account and restrict write access to the directories from which project files are loaded, so that code execution in the DIAScreen process does not immediately yield administrative control of the workstation.
- Implement application allowlisting on engineering workstations. Allowlisting governs executables, not data files: it will not stop DIAScreen from parsing a crafted DPA file, but it limits what a payload can launch afterwards.
- Deploy endpoint protection with behavioral monitoring for industrial HMI/SCADA workstations.
- Segment OT networks from IT networks to limit lateral movement if compromise occurs.
- Train operators to recognize and avoid opening untrusted DPA files from unknown sources.
Evidence notes
CISA ICS advisory ICSA-24-219-01 confirms the vulnerability affects DIAScreen versions prior to 1.4.2. The advisory identifies the attack vector as crafted DPA files causing a stack-based buffer overflow with resultant arbitrary code execution. The CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H confirms a local attack vector requiring user interaction, with no privileges required and scope unchanged; the 7.8 base score follows directly from that vector.
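To show how the 7.8 is derived from that vector, the following added example (not PatchSiren or CISA tooling) computes a CVSS v3.1 base score from a vector string using the metric weights and the Roundup rule of the CVSS v3.1 specification. It goes beyond the page's single case: it also handles the scope-changed formula, and the main routine scores the same vector with AV:N to show what the local-only vector is worth. Function and type names are this example's own.

```c
/* Added worked example, not PatchSiren or CISA tooling: CVSS v3.1 base score
 * from a vector string, using the specification's weights and Roundup rule. */
#include <stdio.h>
#include <string.h>

typedef struct {
    double av, ac, pr, ui, c, i, a;
    int scope_changed;
} cvss_metrics;

/* Spec's Roundup(): one decimal, always upward, done in integer math so
 * floating-point slop cannot flip the result. x is non-negative here. */
static double cvss_roundup(double x) {
    long long int_input = (long long)(x * 100000.0 + 0.5);
    if (int_input % 10000 == 0) return int_input / 100000.0;
    return (double)(int_input / 10000 + 1) / 10.0;
}

static double cia_weight(char v) {
    return v == 'H' ? 0.56 : v == 'L' ? 0.22 : v == 'N' ? 0.0 : -1.0;
}

/* Parses e.g. "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" (prefix optional).
 * Returns 0 on success, -1 on a malformed or incomplete vector. */
int cvss_parse(const char *vector, cvss_metrics *m) {
    char buf[128], pr = 0;
    if (strlen(vector) >= sizeof buf) return -1;
    strcpy(buf, vector);
    m->av = m->ac = m->ui = m->c = m->i = m->a = -1.0;
    m->scope_changed = -1;
    for (char *tok = strtok(buf, "/"); tok; tok = strtok(NULL, "/")) {
        if (strncmp(tok, "CVSS:", 5) == 0) continue;
        char *colon = strchr(tok, ':');
        if (!colon || strlen(colon) != 2) return -1;   /* value is one letter */
        *colon = '\0';
        char v = colon[1];
        if (!strcmp(tok, "AV"))
            m->av = v == 'N' ? 0.85 : v == 'A' ? 0.62 : v == 'L' ? 0.55 : v == 'P' ? 0.2 : -1.0;
        else if (!strcmp(tok, "AC")) m->ac = v == 'L' ? 0.77 : v == 'H' ? 0.44 : -1.0;
        else if (!strcmp(tok, "PR")) pr = v;
        else if (!strcmp(tok, "UI")) m->ui = v == 'N' ? 0.85 : v == 'R' ? 0.62 : -1.0;
        else if (!strcmp(tok, "S"))  m->scope_changed = v == 'U' ? 0 : v == 'C' ? 1 : -1;
        else if (!strcmp(tok, "C"))  m->c = cia_weight(v);
        else if (!strcmp(tok, "I"))  m->i = cia_weight(v);
        else if (!strcmp(tok, "A"))  m->a = cia_weight(v);
        else return -1;
    }
    if (m->scope_changed < 0) return -1;
    /* The PR weight depends on scope, so resolve it after the loop. */
    if (pr == 'N')      m->pr = 0.85;
    else if (pr == 'L') m->pr = m->scope_changed ? 0.68 : 0.62;
    else if (pr == 'H') m->pr = m->scope_changed ? 0.50 : 0.27;
    else return -1;
    return (m->av < 0 || m->ac < 0 || m->ui < 0 ||
            m->c < 0 || m->i < 0 || m->a < 0) ? -1 : 0;
}

double cvss_base_score(const cvss_metrics *m) {
    double iss = 1.0 - (1.0 - m->c) * (1.0 - m->i) * (1.0 - m->a);
    double exploitability = 8.22 * m->av * m->ac * m->pr * m->ui;
    double impact, total;
    if (m->scope_changed) {
        double p = iss - 0.02, p15 = 1.0;
        for (int k = 0; k < 15; k++) p15 *= p;          /* (ISS - 0.02)^15 */
        impact = 7.52 * (iss - 0.029) - 3.25 * p15;
    } else {
        impact = 6.42 * iss;
    }
    if (impact <= 0.0) return 0.0;
    total = m->scope_changed ? 1.08 * (impact + exploitability)
                             : impact + exploitability;
    return cvss_roundup(total > 10.0 ? 10.0 : total);
}

/* Convenience: score a vector string; returns -1.0 if it does not parse. */
double cvss_score_from_vector(const char *vector) {
    cvss_metrics m;
    return cvss_parse(vector, &m) == 0 ? cvss_base_score(&m) : -1.0;
}

int main(void) {
    const char *local = "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H";  /* CVE-2024-7502 */
    const char *net   = "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H";  /* same bug, if remote */
    printf("%s -> %.1f\n", local, cvss_score_from_vector(local));
    printf("%s -> %.1f\n", net,   cvss_score_from_vector(net));
    return 0;
}
```

For the page's vector the impact sub-score is 6.42 * (1 - 0.44^3) = 5.873 and exploitability is 8.22 * 0.55 * 0.77 * 0.85 * 0.62 = 1.835, which sums to 7.708 and rounds up to 7.8. Swapping only AV:L for AV:N raises exploitability to 2.835 and the score to 8.8, which is the whole difference between a file-parsing bug and a network-reachable one under this scoring.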
Official resources
- CVE-2024-7502 CVE record (CVE.org)
- CVE-2024-7502 NVD detail (NVD)
- Source item: CISA CSAF advisory (cisa_csaf)
2024-08-06