PatchSiren cyber security CVE debrief
CVE-2025-58319 Delta Electronics CVE debrief
Delta Electronics CNCSoft-G2 versions 2.1.0.27 and earlier contain a file parsing vulnerability that allows arbitrary code execution when a user opens a malicious file. The flaw stems from improper validation of user-supplied files, enabling attackers to execute code within the context of the current process. This vulnerability was initially disclosed on April 30, 2024, and subsequently updated on October 16, 2025, to reflect modified affected products, vulnerability overview, and mitigations. The CVSS 3.1 score of 7.8 (HIGH) reflects a local attack vector, low attack complexity, no privileges required, and user interaction required, with high impacts to confidentiality, integrity, and availability. Delta Electronics has released version 2.1.0.34 to address this vulnerability.
- Vendor: Delta Electronics
- Product: CNCSoft-G2
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-30
- Original CVE updated: 2025-10-16
- Advisory published: 2024-04-30
- Advisory updated: 2025-10-16
Who should care
Industrial control system operators, OT security teams, manufacturing security engineers, Delta Electronics system integrators, and organizations using CNCSoft-G2 for HMI/PLC programming in production environments.
Technical summary
CVE-2025-58319 is a file parsing vulnerability in Delta Electronics CNCSoft-G2 versions 2.1.0.27 and earlier. The software fails to properly validate user-supplied files, resulting in a stack-based buffer overflow condition. When a user opens a maliciously crafted file, an attacker can achieve arbitrary code execution in the context of the current process. This represents a significant risk in industrial environments where CNCSoft-G2 is used for programming Delta human-machine interfaces (HMIs) and programmable logic controllers (PLCs). The vulnerability requires local access and user interaction but grants high-impact capabilities including full confidentiality, integrity, and availability compromise of the engineering workstation. The attack surface is primarily through social engineering or supply chain compromise of project files exchanged between operators and integrators.
Defensive priority
HIGH
Recommended defensive actions
- Update Delta Electronics CNCSoft-G2 to version 2.1.0.34 or later to remediate this vulnerability.
- Review and apply ICS-CERT recommended practices for industrial control systems security.
- Implement defense-in-depth strategies including network segmentation for OT environments.
- Train operators to avoid opening untrusted files in engineering workstation environments.
- Monitor for suspicious file activity in CNCSoft-G2 installations.
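The first action above is a version check across every engineering workstation. The following added example (not Delta's or CISA's tooling) triages a constructed inventory against the advisory's boundaries: affected through 2.1.0.27, fixed in 2.1.0.34. Versions are compared as integer tuples rather than strings, because a string compare ranks "2.1.0.9" above "2.1.0.27" and would miss a vulnerable install. Builds between the last affected version and the fixed build are not described by the advisory, so the script reports them as unknown rather than guessing; the hostnames and version strings are made up.

```python
"""Flag CNCSoft-G2 installs still inside the affected range for CVE-2025-58319.

Added example, not vendor or CISA tooling. Inventory data is constructed.
"""
from typing import Dict, Iterable, Tuple

# Boundaries from the advisory: affected <= 2.1.0.27, fixed in 2.1.0.34.
LAST_AFFECTED = "2.1.0.27"
FIXED = "2.1.0.34"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.1.0.27' into (2, 1, 0, 27); reject non-numeric components."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(installed: str) -> bool:
    """True when the installed build is 2.1.0.27 or earlier (tuple compare)."""
    return parse_version(installed) <= parse_version(LAST_AFFECTED)


def triage(inventory: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Return {host: status} for (host, version) pairs.

    Status prefixes: VULNERABLE, UNKNOWN (above 2.1.0.27 but below the
    fixed build, a range the advisory does not describe), OK, UNPARSEABLE.
    """
    result: Dict[str, str] = {}
    for host, version in inventory:
        try:
            if is_affected(version):
                result[host] = f"VULNERABLE ({version}): update to {FIXED} or later"
            elif parse_version(version) < parse_version(FIXED):
                result[host] = f"UNKNOWN ({version}): not covered by advisory, confirm with vendor"
            else:
                result[host] = f"OK ({version})"
        except ValueError as exc:
            result[host] = f"UNPARSEABLE: {exc}"
    return result


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("eng-ws-01", "2.1.0.27"),   # last affected build
    ("eng-ws-02", "2.1.0.9"),    # string compare would wrongly clear this one
    ("eng-ws-03", "2.1.0.34"),   # fixed build
    ("eng-ws-04", "2.0.5.1"),    # older major line, still inside the range
    ("eng-ws-05", "n/a"),        # missing data must not be silently passed
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

The integer-tuple comparison is the point of the example: the string test `"2.1.0.9" <= "2.1.0.27"` is False in Python, so a naive inventory query built on string ordering reports that host as patched.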
Evidence notes
CISA ICS Advisory ICSA-24-121-01 (Update A) documents this vulnerability in Delta Electronics CNCSoft-G2, with affected versions <=2.1.0.27. The advisory was initially published April 30, 2024, and updated October 16, 2025. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. Vendor fix available in version 2.1.0.34.
Official resources
- CVE-2025-58319 CVE record (CVE.org)
- CVE-2025-58319 NVD detail (NVD)
- Source item URL: cisa_csaf