CVE-2024-39354

Summary

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
Delta ElectronicsDIAScreen0 < v1.5.0affected

Weaknesses

  • CWE-121: CWE-121

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References