PatchSiren cyber security CVE debrief
CVE-2025-47727 Delta Electronics CVE debrief
Delta Electronics CNCSoft contains an input-validation flaw affecting files opened by users. In the supplied advisory, a maliciously crafted file can trigger code execution in the context of the current process. Delta states the affected A-series CNC products have been discontinued, and no vendor fix is planned.
- Vendor: Delta Electronics
- Product: CNCSoft
- CVSS: HIGH 7.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-06-24
- Original CVE updated: 2025-06-24
- Advisory published: 2025-06-24
- Advisory updated: 2025-06-24
Who should care
OT and manufacturing teams using Delta Electronics CNCSoft, especially engineering workstations and support staff who open project or data files from outside the trusted environment. Security teams responsible for isolating industrial control systems, restricting file handling, and planning replacement for discontinued software should treat this as a high-priority review item.
Technical summary
The advisory describes improper validation of user-supplied files in Delta Electronics CNCSoft. An attacker who can get a user to open a malicious file may achieve code execution within the current process. The supplied affected-product listing covers Delta Electronics CNCSoft version 1.01.34 and earlier. The CVSS vector provided is local, requires user interaction and high privileges, and indicates scope change with high confidentiality, integrity, and availability impact.
Defensive priority
High. The issue can lead to code execution in an OT-related application, the vendor says no remediation is planned because the product line is discontinued, and the attack path depends on common user file-opening behavior rather than complex exploitation.
Recommended defensive actions
- Inventory CNCSoft installations and confirm whether any systems are running version 1.01.34 or earlier.
- Treat untrusted files as unsafe; do not open unsolicited attachments or files in CNCSoft workflows.
- Restrict who can access engineering workstations and limit local administrative/high-privilege use.
- Isolate affected systems from the Internet and from broader business networks where possible.
- Place systems behind firewalls and use segmented network zones for industrial assets.
- Use secure remote access methods such as VPNs when remote administration is required.
- Plan migration to newer Delta CNC products and their corresponding software, since Delta states CNCSoft is discontinued and will be removed from the Delta Download Center.
- Review Delta's product cybersecurity advisory and customer support resources for product-specific guidance.
Evidence notes
Supplied source data identifies CVE-2025-47727 / ICSA-25-175-02 as published and last modified on 2025-06-24T06:00:00Z. The affected product entry lists Delta Electronics CNCSoft: <=v1.01.34. The advisory text says the software does not properly validate user-supplied files and that opening a maliciously crafted file may allow code execution in the current process. Delta's remediation text says the A-series CNC products supported by CNCSoft have been discontinued and no fix is planned.
Official resources
- CVE-2025-47727 CVE record (CVE.org)
- CVE-2025-47727 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CISA published the advisory and CVE on 2025-06-24T06:00:00Z, and the supplied data shows the same timestamp for the last modification. No CISA KEV date is present in the provided enrichment.