The NCCIC has published an advisory on an out-of-bounds read vulnerability in Delta Industrial Automation CNCSoft. Versions 1.00.84 and prior are affected. Successful exploitation of this vulnerability could cause a buffer overflow condition that may allow information disclosure or crash the application. Delta recommends updating to the latest version of CNCSoft v1.01.15 and restricting the interaction with the application to trusted files. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.