1. EXECUTIVE SUMMARY
- CVSS v4 6.8
- ATTENTION: Low attack complexity
- Vendor: Delta Electronics
- Equipment: DIAScreen
- Vulnerabilities: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Delta Electronics DIAScreen are affected:
- DIAScreen: Version 1.6.0 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
Delta Electronics DIAScreen can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.
CVE-2025-59297 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.6 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H).
A CVSS v4 score has also been calculated for CVE-2025-59297. A base score of 6.8 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N).
3.2.2 OUT-OF-BOUNDS WRITE CWE-787
Delta Electronics DIAScreen can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.
CVE-2025-59298 has bee
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: