Details of VAR-202508-3004

ID

VAR-202508-3004

CVE

CVE-2025-53418

TITLE

Delta Electronics COMMGR Stack-based Buffer Overflow Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-25-898

DESCRIPTION

Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics COMMGR. An attacker must first obtain the ability to compromise a PLC in order to exploit this vulnerability.The specific flaw exists within the handling of packets received from a PLC. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the application. Delta Electronics COMMGR contains a command injection vulnerability caused by improper bounds checking when crafting a specially crafted .isp file. Detailed vulnerability details are not available at this time

Trust: 2.07

sources: NVD: CVE-2025-53418 // ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-22951

AFFECTED PRODUCTS

vendor:	delta	model:	commgr	scope:	-	version:	-	Trust: 0.7
vendor:	delta	model:	electronics commgr	scope:	lte	version:	<=2.9.0	Trust: 0.6

sources: ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951

CVSS

SEVERITY

CVSSV2

CVSSV3

759f5e80-c8e1-4224-bead-956d7b33c98b:	CVE-2025-53418
value:	HIGH
Trust: 1.0
ZDI:	CVE-2025-53418
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2025-22951
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-22951
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	8.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

759f5e80-c8e1-4224-bead-956d7b33c98b:	CVE-2025-53418
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.7
version:	3.1
Trust: 1.0
ZDI:	CVE-2025-53418
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951 // NVD: CVE-2025-53418

PROBLEMTYPE DATA

problemtype:

CWE-121

Trust: 1.0

sources: NVD: CVE-2025-53418

PATCH

title:	Delta Electronics has issued an update to correct this vulnerability.	url:	https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00014_COMMGR%20Stack-based%20Buffer%20Overflow%20and%20Code%20Injection%20Vulnerabilities.pdf	Trust: 0.7
title:	Patch for Delta Electronics COMMGR Command Injection Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/738726	Trust: 0.6

sources: ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951

EXTERNAL IDS

db:	NVD	id:	CVE-2025-53418	Trust: 2.3
db:	ZDI_CAN	id:	ZDI-CAN-25289	Trust: 0.7
db:	ZDI	id:	ZDI-25-898	Trust: 0.7
db:	CNVD	id:	CNVD-2025-22951	Trust: 0.6

sources: ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951 // NVD: CVE-2025-53418

REFERENCES

url:

https://filecenter.deltaww.com/news/download/doc/delta-pcsa-2025-00014_commgr%20stack-based%20buffer%20overflow%20and%20code%20injection%20vulnerabilities.pdf

Trust: 2.3

sources: ZDI: ZDI-25-898 // CNVD: CNVD-2025-22951 // NVD: CVE-2025-53418

CREDITS

Guillaume Orlando

Trust: 0.7

sources: ZDI: ZDI-25-898

SOURCES

db:	ZDI	id:	ZDI-25-898
db:	CNVD	id:	CNVD-2025-22951
db:	NVD	id:	CVE-2025-53418

LAST UPDATE DATE

2025-09-30T23:38:38.129000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-25-898	date:	2025-09-18T00:00:00
db:	CNVD	id:	CNVD-2025-22951	date:	2025-09-29T00:00:00
db:	NVD	id:	CVE-2025-53418	date:	2025-08-26T13:41:58.950

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-25-898	date:	2025-09-18T00:00:00
db:	CNVD	id:	CNVD-2025-22951	date:	2025-09-29T00:00:00
db:	NVD	id:	CVE-2025-53418	date:	2025-08-26T07:15:33.437