PatchSiren cyber security CVE debrief
CVE-2025-47726 Delta Electronics CVE debrief
CVE-2025-47726 affects Delta Electronics CNCSoft <=v1.01.34. CISA says the product does not properly validate user-supplied files, and opening a maliciously crafted file can execute code in the context of the current process. Delta states CNCSoft is discontinued and no fix will be provided, so affected organizations should prioritize migration and tighten file-handling and OT exposure controls.
- Vendor: Delta Electronics
- Product: CNCSoft
- CVSS: HIGH 7.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-06-24
- Original CVE updated: 2025-06-24
- Advisory published: 2025-06-24
- Advisory updated: 2025-06-24
Who should care
Organizations using Delta Electronics CNCSoft, especially teams operating or maintaining CNC/OT systems that import, open, or exchange project files. Industrial control system administrators should also care because the vendor says the affected A-series CNC products are discontinued and CNCSoft is being removed from the Delta Download Center.
Technical summary
The advisory describes a file-validation weakness in Delta Electronics CNCSoft. If a user opens a maliciously crafted file, an attacker may be able to execute code within the current process. The supplied advisory lists the affected range as Delta Electronics CNCSoft <=v1.01.34 and rates the issue CVSS 3.1 7.7 HIGH (AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H).
Defensive priority
High: prioritize migration off the affected software and enforce strict controls around untrusted files and OT system exposure.
Recommended defensive actions
- Migrate to newer Delta CNC products and their corresponding software as soon as possible, as Delta says no fix will be issued for CNCSoft.
- Do not open unsolicited email attachments or other untrusted files on systems that use CNCSoft.
- Avoid exposing control systems and equipment to the Internet.
- Place affected systems and devices behind a firewall and isolate them from the business network.
- Use a secure remote-access method such as a VPN when remote access is required.
- Contact Delta through its customer service portal for product-specific support and migration guidance.
- Review CISA industrial control systems recommended practices and cybersecurity best practices for additional hardening guidance.
Evidence notes
Primary evidence comes from CISA advisory ICSA-25-175-02 published 2025-06-24. The CSAF advisory identifies Delta Electronics CNCSoft <=v1.01.34 as affected and states that improper validation of user-supplied files can allow code execution in the current process. The vendor remediation text says CNCSoft is discontinued, will be removed from the Delta Download Center, and users should migrate to newer Delta CNC products. The supplied source also lists CVSS 3.1 7.7 HIGH.
Official resources
- CVE-2025-47726 CVE record (CVE.org)
- CVE-2025-47726 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed by CISA on 2025-06-24 as ICSA-25-175-02. No Known Exploited Vulnerabilities (KEV) entry was supplied in the source corpus.