Listen to this Post
Delta Electronics CNCSoft-G2, a Windows-based engineering software for CNC and industrial automation, is vulnerable to an out-of-bounds write flaw . The vulnerability exists in the DOPSoft component when parsing DPAX project files . Due to a lack of proper validation of user-supplied file data, an attacker can craft a malicious DPAX file . When a user opens this file, the software writes data beyond the allocated memory buffer boundaries . This memory corruption can be leveraged by the attacker to execute arbitrary code within the context of the current process, leading to a full system compromise . The issue affects all versions prior to v2.1.0.39 and was reported by Natnael Samson through the TrendAI Zero Day Initiative .
DailyCVE Form:
Platform: Delta CNCSoft-G2
Version: <2.1.0.39
Vulnerability : Out-of-bounds Write
Severity: HIGH
date: 2026-03-04
Prediction: Patch Immediate
What Undercode Say:
Analytics:
To check the installed version on a Windows system, you can examine the file properties of the main executable. This PowerShell command retrieves the version information:
(Get-Item "C:Program FilesDelta Industrial AutomationCNCSoft-G2CNCSoft-G2.exe").VersionInfo.FileVersion
A vulnerable system would return a version number less than 2.1.0.39.
Exploit:
A proof-of-concept would involve crafting a malformed DPAX file. The exploit targets the DOPSoft parsing engine, where a specific field containing an overly long value or an incorrect size descriptor triggers the overflow. The following Python snippet conceptualizes how the file could be structured to cause a crash:
POC Concept: Crafting a malicious DPAX file
malicious_data = b"x00" 0x100 Placeholder for DPAX header
Assume a specific offset (0x100) expects a length value for a buffer
malicious_data += b"xFFxFF" Providing a large length to trigger out-of-bounds write
Followed by the payload that will be written out-of-bounds
malicious_data += b"A" 0x1000
with open("exploit.dpax", "wb") as f:
f.write(malicious_data)
Protection from this CVE
The primary mitigation is to update to CNCSoft-G2 version 2.1.0.39 or later, available from the Delta download center . As a workaround, users should avoid opening DPAX files from untrusted sources and implement network segmentation to isolate engineering workstations .
Impact
Successful exploitation allows an attacker to execute arbitrary code with the privileges of the user running the software . This could lead to the complete compromise of the engineering workstation, potential theft of intellectual property, and possible use as a pivot point to attack connected industrial control system (ICS) networks and devices .
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow DailyCVE & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin
Hono, Injection, CVE-2026-29085 (Medium)
