CVE-2026-12578

Summary

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
deltawwDTMSoft*affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of untrusted data

Workarounds

Users are recommended to take the following mitigation measures:

  • Do not open unsolicited project files: Do not open or import unsolicited project files, untrusted Internet links, or unexpected attachments from emails, network shares, or USB drives. Always verify the source of the file before opening it.

  • Avoid running as administrator: Do not use the "Run as Administrator" option when launching the software. Running the software with standard user privileges effectively limits the damage of potential malicious code.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References