Details of VAR-202510-1429

ID

VAR-202510-1429

CVE

CVE-2025-59299

TITLE

Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-25-970

DESCRIPTION

Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. Delta Electronics DIAScreen is a smart machine building software developed by Delta Electronics, a Chinese company

Trust: 2.07

sources: NVD: CVE-2025-59299 // ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-26896

AFFECTED PRODUCTS

vendor:	deltaww	model:	diascreen	scope:	lt	version:	1.6.1	Trust: 1.0
vendor:	delta	model:	diascreen	scope:	-	version:	-	Trust: 0.7
vendor:	delta	model:	electronics diascreen	scope:	lt	version:	1.6.1	Trust: 0.6

sources: ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896 // NVD: CVE-2025-59299

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2025-59299
value:	HIGH
Trust: 1.0
759f5e80-c8e1-4224-bead-956d7b33c98b:	CVE-2025-59299
value:	MEDIUM
Trust: 1.0
ZDI:	CVE-2025-59299
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2025-26896
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-26896
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2025-59299
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2025-59299
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896 // NVD: CVE-2025-59299 // NVD: CVE-2025-59299

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.0

sources: NVD: CVE-2025-59299

PATCH

title:	Delta Electronics has issued an update to correct this vulnerability.	url:	https://www.cisa.gov/news-events/ics-advisories/icsa-25-280-01	Trust: 0.7
title:	Patch for Delta Electronics DIAScreen out-of-bounds write vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/749026	Trust: 0.6

sources: ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896

EXTERNAL IDS

db:	NVD	id:	CVE-2025-59299	Trust: 2.3
db:	ZDI_CAN	id:	ZDI-CAN-26683	Trust: 0.7
db:	ZDI	id:	ZDI-25-970	Trust: 0.7
db:	CNVD	id:	CNVD-2025-26896	Trust: 0.6

sources: ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896 // NVD: CVE-2025-59299

REFERENCES

url:	https://filecenter.deltaww.com/news/download/doc/delta-pcsa-2025-00018_diascreen%20file%20parsing%20out-of-bounds%20write%20vulnerability.pdf	Trust: 1.6
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-25-280-01	Trust: 0.7

sources: ZDI: ZDI-25-970 // CNVD: CNVD-2025-26896 // NVD: CVE-2025-59299

CREDITS

Natnael Samson (@NattiSamson)

Trust: 0.7

sources: ZDI: ZDI-25-970

SOURCES

db:	ZDI	id:	ZDI-25-970
db:	CNVD	id:	CNVD-2025-26896
db:	NVD	id:	CVE-2025-59299

LAST UPDATE DATE

2025-11-19T23:14:42.859000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-25-970	date:	2025-10-27T00:00:00
db:	CNVD	id:	CNVD-2025-26896	date:	2025-11-05T00:00:00
db:	NVD	id:	CVE-2025-59299	date:	2025-10-08T16:06:48.857

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-25-970	date:	2025-10-27T00:00:00
db:	CNVD	id:	CNVD-2025-26896	date:	2025-11-05T00:00:00
db:	NVD	id:	CVE-2025-59299	date:	2025-10-03T03:15:35.760