CVE-2018-10594

Name of the Vulnerable Software and Affected Versions: Delta Industrial Automation COMMGR versions 1.08 and prior

Description: The issue is related to a fixed-length stack buffer that can be overwritten when an unverified length value is read from network packets via a specific network port. This can lead to remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server.

Recommendations: For Delta Industrial Automation COMMGR versions 1.08 and prior, consider disabling the network port that accepts unverified length values until a patch is available to prevent potential remote code execution or denial-of-service conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.