1. EXECUTIVE SUMMARY
- CVSS v4 8.4
- ATTENTION: Low attack complexity
- Vendor: Delta Electronics
- Equipment: ASDA-Soft
- Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Delta Electronics reports the following versions of ASDA-Soft servo software are affected:
- ASDA-Soft: Version 7.0.2.0 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Stack-based Buffer Overflow CWE-121
Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.
CVE-2025-62579 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-62579. A base score of 8.4 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 Stack-based Buffer Overflow CWE-121
Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.