PatchSiren cyber security CVE debrief

CVE-2025-47725 Delta Electronics CVE debrief

CVE-2025-47725 affects Delta Electronics CNCSoft and is rated High. According to CISA’s advisory, opening a maliciously crafted file can let an attacker execute code in the context of the current process. Delta says the affected A-series CNC products are discontinued and no fix is planned, so affected users should prioritize migration and exposure reduction.

Vendor: Delta Electronics
Product: CNCSoft
CVSS: HIGH 7.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-06-24
Original CVE updated: 2025-06-24
Advisory published: 2025-06-24
Advisory updated: 2025-06-24

Who should care

Industrial control and OT teams using Delta Electronics CNCSoft, especially operators, engineers, and administrators who exchange or open CNC project files. Security teams responsible for workstation hardening, removable media control, and remote access to engineering systems should also treat this as relevant.

Technical summary

The advisory describes a failure in CNCSoft to properly validate a user-supplied file. If a user opens a malicious file, code execution may occur within the current process. The published CVSS vector is CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H, and CISA lists affected versions as Delta Electronics CNCSoft <=v1.01.34. The vendor remediation statement says the product line is discontinued and that Delta does not plan a code fix.

Defensive priority

High for environments that still use CNCSoft, because there is no planned vendor patch and exploitation depends on users opening untrusted files. Priority should be on removing or replacing the product where possible, reducing file-handling risk, and isolating any remaining installations.

Recommended defensive actions

  • Inventory all systems running Delta Electronics CNCSoft and confirm whether any instances are at or below v1.01.34.
  • Do not open untrusted or unsolicited files on CNCSoft workstations, including files received by email or other untrusted channels.
  • Isolate control systems and engineering workstations from the Internet and from the broader business network where feasible.
  • Place affected systems behind firewalls and use secure remote access methods such as a VPN when remote access is required.
  • Migrate to newer Delta CNC products and their corresponding software as soon as possible, since Delta states no fix is planned for the discontinued A-series CNC products supported by CNCSoft.
  • Follow CISA and Delta industrial control system hardening guidance for any systems that must remain in service.
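The inventory step in the list above can be scripted against a software-inventory export. The following is an added example, not code from CISA, Delta or this page's source; the CSV column names, host names and sample version values are constructed, and only the <=v1.01.34 threshold comes from the advisory.

```python
import csv
import io
import re

# Upper bound of the affected range given on this page: CNCSoft <= v1.01.34
AFFECTED_MAX = (1, 1, 34)

# Constructed sample inventory export; columns, hosts and versions are hypothetical.
SAMPLE_INVENTORY = """host,product,version
eng-ws-01,CNCSoft,v1.01.34
eng-ws-02,CNCSoft,V1.00.96
eng-ws-03,cncsoft,1.1.35
eng-ws-04,CNCSoft,unknown
hmi-05,OtherTool,1.00.10
"""


def parse_version(text):
    """Return a numeric tuple for strings like 'v1.01.34', or None if unparseable."""
    m = re.fullmatch(r"[vV]?(\d+)\.(\d+)\.(\d+)", text.strip())
    # Comparing integers avoids string pitfalls such as '1.01.34' vs '1.1.34'.
    return tuple(int(p) for p in m.groups()) if m else None


def triage(inventory_csv):
    """Sort CNCSoft hosts into affected / above_range / needs_review buckets."""
    result = {"affected": [], "above_range": [], "needs_review": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        # Exact name match, so other products are not judged by this range.
        if row["product"].strip().lower() != "cncsoft":
            continue
        version = parse_version(row["version"])
        if version is None:
            # An unknown version is not evidence of safety: check the host by hand.
            result["needs_review"].append(row["host"])
        elif version <= AFFECTED_MAX:
            result["affected"].append(row["host"])
        else:
            result["above_range"].append(row["host"])
    return result


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the needs_review bucket should be confirmed manually rather than assumed to be outside the affected range.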

Evidence notes

All substantive claims are drawn from the supplied CISA CSAF advisory ICSA-25-175-02 and its linked Delta advisory/reference materials. The CVE and advisory publication/modified timestamps provided are both 2025-06-24T06:00:00.000Z, and no CISA KEV entry was provided in the source corpus. The affected version range, remediation stance, and CVSS vector were taken from the supplied advisory metadata.

Official resources

Publicly disclosed by CISA on 2025-06-24 as ICSA-25-175-02 for CVE-2025-47725. Delta Electronics states the affected CNCSoft-supported A-series CNC products are discontinued and that no product fix is planned.