CVE-2019-13513

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Industrial Automation DOPSoft versions 4.00.06.15 and prior

Description The issue arises when processing a specially crafted project file, which may trigger multiple out-of-bounds read vulnerabilities. This could lead to information disclosure, remote code execution, or cause the application to crash.

Recommendations For versions 4.00.06.15 and prior, avoid processing untrusted or specially crafted project files until a fix is available. As a temporary workaround, consider restricting access to project file parsing functionality to minimize the risk of exploitation.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-13513

ZDI-19-718

ZDI-19-719

ZDI-19-720

ZDI-19-721

ZDI-19-722

Affected Products

Dopsoft

CVE-2019-13513

Weakness Enumeration

Related Identifiers

Affected Products

References · 9