ICS: Multiple Delta Electronics ISPSoft Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-22882 CVSS:7.8

Delta Electronics ISPSoft could allow a remote attacker to execute arbitrary code on the system, caused by a stack-based buffer overflow in the parsing of CBDGL files.

CVE-2025-22883 CVSS:7.8

Delta Electronics ISPSoft could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the parsing of DVP files.

CVE-2025-22884 CVSS:7.8

Delta Electronics ISPSoft could allow a remote attacker to execute arbitrary code on the system, caused by a stack-based buffer overflow in the parsing of DVP files.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2025-22882
CVE-2025-22883
CVE-2025-22884

Affected Vendors

Delta Electronics

Affected Products

Delta Electronics ISPSoft - 3.19

Remediation

Upgrade to the latest version of Delta Electronics ISPSoft, available from the Delta Electronics Website.

Delta Electronics Website

Amadey Botnet – Active IOCs

CVE-2025-2783 – Google Chrome Vulnerability

ICS: Multiple Delta Electronics ISPSoft Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan