ID
VAR-202503-0401
CVE
CVE-2024-12858
TITLE
Delta Electronics CNCSoft-G2 Input Validation Error Vulnerability
Trust: 0.6
DESCRIPTION
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. *** Duplicate of CVE-2025-22880 ***. Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, a Chinese company. Delta Electronics CNCSoft-G2 2.1.0.16 and earlier versions have an input validation error vulnerability. The vulnerability is caused by not properly validating the length of the data provided by the user. Attackers can exploit this vulnerability to execute code in the current process environment
Trust: 1.44
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | delta | model: | electronics cncsoft-g2 | scope: | lte | version: | <=2.1.0.16 | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
PATCH
| title: | Patch for Delta Electronics CNCSoft-G2 Input Validation Error Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/676731 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-12858 | Trust: 1.6 |
| db: | CNVD | id: | CNVD-2025-06647 | Trust: 0.6 |
REFERENCES
| url: | https://downloadcenter.delta-china.com.cn/zh-cn/downloadcenter?v=1&q=cncsoft&sort_expr=cdate&sort_dir=desc | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2025-06647 |
| db: | NVD | id: | CVE-2024-12858 |
LAST UPDATE DATE
2025-04-10T23:14:32.990000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-06647 | date: | 2025-04-08T00:00:00 |
| db: | NVD | id: | CVE-2024-12858 | date: | 2025-04-02T15:15:56.183 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-06647 | date: | 2025-04-08T00:00:00 |
| db: | NVD | id: | CVE-2024-12858 | date: | 2025-03-13T17:15:25.653 |