PatchSiren

CVE-2025-22882 Delta Electronics CVE debrief

Delta Electronics ISPSoft versions 3.19 and earlier are affected by a stack-based buffer overflow that can be triggered while parsing CBDGL files. According to the advisory, the flaw may let an attacker leverage debugging logic to execute arbitrary code. Delta recommends upgrading to ISPSoft v3.21 or later.

Vendor: Delta Electronics
Product: ISPSoft
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-04-29
Original CVE updated: 2025-05-06
Advisory published: 2025-04-29
Advisory updated: 2025-05-06

Who should care

Organizations that use Delta Electronics ISPSoft, especially engineering, automation, and OT teams that open or process CBDGL files on affected systems. Security teams managing industrial control software should treat this as a high-priority patch item because successful exploitation could lead to code execution on the workstation handling the file.

Technical summary

CISA’s CSAF advisory describes a stack-based buffer overflow in ISPSoft affecting versions 3.19 and prior. The issue is tied to parsing CBDGL files and is rated CVSS 3.1 7.8 High with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H: a local attack vector that needs no privileges but does require user interaction, with high impact on confidentiality, integrity, and availability. The vendor remediation is to update to ISPSoft v3.21 or later.

Defensive priority

High. The combination of code execution potential, user-interaction requirements, and industrial software context makes this a strong near-term patching candidate for any environment that opens untrusted or externally sourced project files.

Recommended defensive actions

  • Update Delta Electronics ISPSoft to v3.21 or later as recommended by the vendor.
  • Identify systems that use ISPSoft 3.19 or earlier, including engineering workstations and shared lab systems.
  • Restrict handling of untrusted CBDGL files until affected systems are patched.
  • Use standard ICS defense-in-depth practices for engineering endpoints and file-transfer workflows.
  • Review Delta’s advisory for any additional vendor guidance or environment-specific mitigations.
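
One way to carry out the identification step above, as an added example that is not part of the advisory or any Delta tooling: it triages a constructed inventory of ISPSoft version strings against the thresholds stated on this page (3.19 and earlier affected, v3.21 or later fixed). The host names, inventory format and function names are assumptions; versions between the two thresholds are flagged for review because this page does not state their status.

```python
import csv
import io
import re

AFFECTED_MAX = (3, 19)  # page: versions 3.19 and earlier are affected
FIXED_MIN = (3, 21)     # page: vendor recommends v3.21 or later

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = """host,ispsoft_version
eng-ws-01,3.19
eng-ws-02,v3.21
lab-shared-03,3.08
eng-ws-04,3.20
eng-ws-05,3.19.2
eng-ws-06,unknown
"""

def parse_version(text):
    """Return (major, minor) as ints, or None if the string is unparseable."""
    m = re.match(r"^\s*[vV]?(\d+)\.(\d+)(?:\.\d+)*\s*$", text)
    return (int(m.group(1)), int(m.group(2))) if m else None

def classify(text):
    """Map a reported version string to a patch-triage status."""
    ver = parse_version(text)
    if ver is None:
        return "unknown"   # needs a manual check on the host
    # Assumption: patch-level builds of 3.19 (e.g. 3.19.2) are treated as
    # affected, the conservative reading of "3.19 and earlier".
    if ver <= AFFECTED_MAX:
        return "affected"
    if ver >= FIXED_MIN:
        return "fixed"
    return "review"        # between thresholds: status not stated on the page

def triage(inventory_csv):
    """Return {host: status} for a CSV with host,ispsoft_version columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["ispsoft_version"]) for row in rows}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:15} {status}")
```

Hosts reported as "unknown" or "review" should be confirmed on the workstation itself before they are counted as patched.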

Evidence notes

This debrief is based on the CISA CSAF advisory for ICSA-25-119-02 / CVE-2025-22882 and the vendor remediation guidance included in the source corpus. The advisory states that ISPSoft versions 3.19 and prior are vulnerable and recommends updating to v3.21 or later. The source revision history shows an initial publication on 2025-04-29 and a follow-up revision on 2025-05-06 for typo fixes only.

Official resources

Publicly disclosed through CISA’s coordinated advisory process. The source advisory was first published on 2025-04-29 and revised on 2025-05-06 for typo fixes; those dates should be used for issue timing context.