Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.
AnalysisAI
Remote code execution in Delta Electronics AS320T allows unauthenticated network attackers to exploit an unchecked buffer overflow in filename processing to execute arbitrary code with high impact to confidentiality, integrity, and availability. The CVSS 9.8 critical score reflects network-accessible attack surface with no authentication or user interaction required. No EPSS or KEV data available at time of analysis, but vendor advisory confirms multiple related vulnerabilities affecting the same product line.
Technical ContextAI
The vulnerability affects Delta Electronics AS320T industrial automation equipment, which appears to be a network-connected control or HMI device based on the deltaww CPE namespace. The root cause is CWE-121 (Stack-based Buffer Overflow), occurring when the device processes filenames without validating length constraints. This classic memory corruption vulnerability allows attackers to overwrite stack memory by providing maliciously crafted filenames exceeding expected buffer sizes. The affected component likely involves file upload, download, or processing functionality exposed over the network. Tags indicate this is specifically a stack-based buffer overflow rather than heap corruption, suggesting the vulnerable buffer is allocated on the stack during filename handling operations.
RemediationAI
Apply vendor-released patches documented in Delta Electronics security advisory Delta-PCSA-2026-00006 at https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00006_AS320T%20Multiple%20vulnerabilities%20(CVE-2026-1949,%201950,%201951,%201952).pdf. Exact patched firmware version should be verified from the advisory as NVD data does not specify fix version. Until patching is complete, implement network segmentation to isolate AS320T devices from untrusted networks, restrict access to file processing interfaces through firewall rules permitting only authenticated management IPs, and monitor for suspicious filename patterns in file operation logs. If file upload/transfer functionality is not operationally required, disable these features entirely at the application or network level. Note that network isolation may impact remote management capabilities and require on-site access for maintenance operations.
Remote unauthenticated attackers can trigger denial of service in Delta Electronics AS320T industrial automation devices
Remote code execution in Delta Electronics AS320T industrial automation server allows unauthenticated network attackers
Unchecked directory name buffer in Delta Electronics AS320T enables remote code execution without authentication. The CV
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25402
GHSA-wv29-5pf5-8fp6