Use-after-free vulnerability in Delta Industrial Automation DOPSoft allows for remote code execution and information disclosure

Use-after-free vulnerability in Delta Industrial Automation DOPSoft allows for remote code execution and information disclosure

CVE-2019-13514 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application.

Learn more about our Industrial Pen Testing.