PatchSiren cyber security CVE debrief
CVE-2025-22884 Delta Electronics CVE debrief
CVE-2025-22884 is a high-severity vulnerability in Delta Electronics ISPSoft affecting version 3.19 and earlier. According to the CISA CSAF advisory, a stack-based buffer overflow can occur while parsing DVP files and may allow arbitrary code execution. Delta recommends updating to ISPSoft v3.21 or later.
- Vendor: Delta Electronics
- Product: ISPSoft
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-04-29
- Original CVE updated: 2025-05-06
- Advisory published: 2025-04-29
- Advisory updated: 2025-05-06
Who should care
Organizations that use Delta Electronics ISPSoft in industrial control or OT environments, especially teams that open or process DVP project files. This includes engineering, maintenance, and security staff responsible for workstation hardening and software update management.
Technical summary
The advisory describes a stack-based buffer overflow in ISPSoft’s DVP file parsing logic. The impact statement is code execution: if a user opens a maliciously crafted DVP file, an attacker could potentially execute arbitrary code in the context of the affected system. The published CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, which reflects local access with required user interaction. Affected versions are listed as ISPSoft 3.19 and earlier; Delta’s remediation is to update to v3.21 or later.
Defensive priority
High. The vulnerability is rated 7.8 (High) and can lead to arbitrary code execution, but it requires user interaction and is not presented as remote unauthenticated exploitation. Prioritize if ISPSoft is used on engineering workstations or other systems that routinely handle DVP files.
Recommended defensive actions
- Update Delta Electronics ISPSoft to version 3.21 or later per the vendor recommendation.
- Restrict and review handling of DVP files, especially files from untrusted or unexpected sources.
- Apply least privilege and workstation hardening on systems used for ISPSoft engineering tasks.
- Monitor affected environments for vendor advisories and confirm the CISA advisory revision history when tracking this issue.
- Validate that asset inventories identify all installations of ISPSoft 3.19 and earlier so they can be remediated.
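The inventory check in the last item can be scripted. The sketch below is an added example, not code from the advisory or from Delta: it classifies installed ISPSoft versions against the two boundaries stated on this page (3.19 and earlier affected, 3.21 or later fixed). The host names, version strings and the "review" bucket for versions between the two boundaries are assumptions made for illustration.

```python
import re

AFFECTED_MAX = (3, 19)  # page: ISPSoft "3.19 and earlier" is affected
FIXED_MIN = (3, 21)     # page: vendor remediation is "v3.21 or later"

def parse_version(text):
    """Return (major, minor) from '3.19', 'v3.21', '3.19.02'; None if unparseable."""
    m = re.match(r"\s*[vV]?(\d+)\.(\d+)", text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None

def classify(version_text):
    """Compare numerically: as plain strings '3.9' would sort after '3.19'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"   # missing or malformed inventory data: verify by hand
    if v <= AFFECTED_MAX:
        return "affected"  # assumption: any 3.19.x patch level counts as 3.19
    if v >= FIXED_MIN:
        return "fixed"
    return "review"        # e.g. 3.20: the page states neither affected nor fixed

def triage(inventory):
    """Group host names by remediation status."""
    report = {"affected": [], "fixed": [], "review": [], "unknown": []}
    for host, version_text in inventory:
        report[classify(version_text)].append(host)
    return report

# Constructed sample inventory (hypothetical hosts and version strings)
SAMPLE_INVENTORY = [
    ("eng-ws-01", "3.19"),
    ("eng-ws-02", "v3.21"),
    ("eng-ws-03", "3.9"),
    ("eng-ws-04", "3.20"),
    ("eng-ws-05", "3.19.02"),
    ("maint-lt-01", ""),
    ("eng-ws-06", "3.21.1"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:9} {', '.join(hosts) or '-'}")
```

Hosts reported as "review" or "unknown" need a manual check against the vendor advisory rather than being counted as remediated.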
Evidence notes
The supplied CSAF source and CISA advisory identify Delta Electronics ISPSoft versions 3.19 and prior as affected, with a stack-based buffer overflow during DVP file parsing. The advisory states the issue may allow arbitrary code execution. The CVSS vector provided in the source is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and the vendor remediation explicitly recommends updating to ISPSoft v3.21 or later. The source revision history shows the 2025-05-06 update was a typo fix only.
Official resources
- CVE-2025-22884 CVE record (CVE.org)
- CVE-2025-22884 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA published ICSA-25-119-02 for CVE-2025-22884 on 2025-04-29 and revised it on 2025-05-06; the revision history in the source indicates the later update fixed typos only.