Delta Electronics CNCSoft-G2, Out-of-bounds Write, CVE-2026-3094 (High)

Listen to this Post

Delta Electronics CNCSoft-G2, a Windows-based engineering software for CNC and industrial automation, is vulnerable to an out-of-bounds write flaw . The vulnerability exists in the DOPSoft component when parsing DPAX project files . Due to a lack of proper validation of user-supplied file data, an attacker can craft a malicious DPAX file . When a user opens this file, the software writes data beyond the allocated memory buffer boundaries . This memory corruption can be leveraged by the attacker to execute arbitrary code within the context of the current process, leading to a full system compromise . The issue affects all versions prior to v2.1.0.39 and was reported by Natnael Samson through the TrendAI Zero Day Initiative .

DailyCVE Form:

Platform: Delta CNCSoft-G2
Version: <2.1.0.39
Vulnerability : Out-of-bounds Write
Severity: HIGH
date: 2026-03-04

Prediction: Patch Immediate

What Undercode Say:

Analytics:

To check the installed version on a Windows system, you can examine the file properties of the main executable. This PowerShell command retrieves the version information:

(Get-Item "C:Program FilesDelta Industrial AutomationCNCSoft-G2CNCSoft-G2.exe").VersionInfo.FileVersion

A vulnerable system would return a version number less than 2.1.0.39.

Exploit:

A proof-of-concept would involve crafting a malformed DPAX file. The exploit targets the DOPSoft parsing engine, where a specific field containing an overly long value or an incorrect size descriptor triggers the overflow. The following Python snippet conceptualizes how the file could be structured to cause a crash:

POC Concept: Crafting a malicious DPAX file
malicious_data = b"x00" 0x100 Placeholder for DPAX header
Assume a specific offset (0x100) expects a length value for a buffer
malicious_data += b"xFFxFF" Providing a large length to trigger out-of-bounds write
Followed by the payload that will be written out-of-bounds
malicious_data += b"A" 0x1000
with open("exploit.dpax", "wb") as f:
f.write(malicious_data)

Protection from this CVE

The primary mitigation is to update to CNCSoft-G2 version 2.1.0.39 or later, available from the Delta download center . As a workaround, users should avoid opening DPAX files from untrusted sources and implement network segmentation to isolate engineering workstations .

Impact

Successful exploitation allows an attacker to execute arbitrary code with the privileges of the user running the software . This could lead to the complete compromise of the engineering workstation, potential theft of intellectual property, and possible use as a pivot point to attack connected industrial control system (ICS) networks and devices .

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Previous

Hono, Injection, CVE-2026-29085 (Medium)

Scroll to Top