ICSA-25-296-04
Vulnerability from csaf_cisa - Published: 2025-10-23 06:00 - Updated: 2025-10-23 06:00Summary
Delta Electronics ASDA-Soft
Notes
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Risk evaluation: Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Taiwan
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.
7.8 (High)
Vendor Fix
Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.
Mitigation
For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.
https://filecenter.deltaww.com/news/download/doc/…
Mitigation
Delta Electronics offers the following general recommendations:
Mitigation
Do not click on untrusted Internet links or open unsolicited attachments in emails.
Mitigation
Avoid exposing control systems and equipment to the Internet.
Mitigation
Place systems and devices behind a firewall and isolate them from the business network.
Mitigation
When remote access is required, use a secure access method, such as a virtual private network (VPN).
Mitigation
Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.
https://www.deltaww.com/en-US/Customer-Service
7.8 (High)
Vendor Fix
Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.
Mitigation
For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.
https://filecenter.deltaww.com/news/download/doc/…
Mitigation
Delta Electronics offers the following general recommendations:
Mitigation
Do not click on untrusted Internet links or open unsolicited attachments in emails.
Mitigation
Avoid exposing control systems and equipment to the Internet.
Mitigation
Place systems and devices behind a firewall and isolate them from the business network.
Mitigation
When remote access is required, use a secure access method, such as a virtual private network (VPN).
Mitigation
Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.
https://www.deltaww.com/en-US/Customer-Service
References
Acknowledgments
Trend Micro Zero Day Initiative
Guillaume Orlando
{
"document": {
"acknowledgments": [
{
"names": [
"Guillaume Orlando"
],
"organization": "Trend Micro Zero Day Initiative",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Taiwan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-296-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-296-04.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-25-296-04 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks"
}
],
"title": "Delta Electronics ASDA-Soft",
"tracking": {
"current_release_date": "2025-10-23T06:00:00.000000Z",
"generator": {
"date": "2025-10-23T16:23:40.328726Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-296-04",
"initial_release_date": "2025-10-23T06:00:00.000000Z",
"revision_history": [
{
"date": "2025-10-23T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.0.2.0",
"product": {
"name": "Delta Electronics ASDA-Soft: \u003c=7.0.2.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "ASDA-Soft"
}
],
"category": "vendor",
"name": "Delta Electronics"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62579",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62579"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00019_ASDA-Soft%20Stack-based%20Buffer%20Overflow%20Vulnerabilities.pdf"
},
{
"category": "mitigation",
"details": "Delta Electronics offers the following general recommendations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click on untrusted Internet links or open unsolicited attachments in emails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid exposing control systems and equipment to the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place systems and devices behind a firewall and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use a secure access method, such as a virtual private network (VPN).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.deltaww.com/en-US/Customer-Service"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2025-62580",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62580"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00019_ASDA-Soft%20Stack-based%20Buffer%20Overflow%20Vulnerabilities.pdf"
},
{
"category": "mitigation",
"details": "Delta Electronics offers the following general recommendations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click on untrusted Internet links or open unsolicited attachments in emails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid exposing control systems and equipment to the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place systems and devices behind a firewall and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use a secure access method, such as a virtual private network (VPN).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.deltaww.com/en-US/Customer-Service"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…