Delta Electronics TPEditor (ICSA-19-253-01)

The NCCIC has published an advisory on stack-based buffer overflow, heap-based buffer overflow, and out-of-bounds write vulnerabilities in Delta Electronics TPEditor. Versions 1.94 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or may crash the application. Delta Electronics recommends affected users update to the latest version of Delta Industrial Automation TPEditor, Version 1.95. The NCCIC also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.