Skip to main content

Delta AS320T CVE-2026-1951

| EUVDEUVD-2026-25403 CRITICAL
Stack-based Buffer Overflow (CWE-121)
2026-04-24 Deltaww GHSA-cc2v-9v42-3c8q
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Re-analysis Queued
Apr 24, 2026 - 07:22 vuln.today
cvss_changed
Analysis Generated
Apr 24, 2026 - 07:00 vuln.today
EUVD ID Assigned
Apr 24, 2026 - 06:45 euvd
EUVD-2026-25403
Analysis Generated
Apr 24, 2026 - 06:45 vuln.today
CVE Published
Apr 24, 2026 - 06:13 nvd
CRITICAL 9.8

DescriptionCVE.org

Delta Electronics AS320T has no checking of the length of the buffer with the directory name

vulnerability.

AnalysisAI

Unchecked directory name buffer in Delta Electronics AS320T enables remote code execution without authentication. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is a remotely exploitable stack buffer overflow (CWE-121) requiring no user interaction or credentials. Delta Electronics disclosed this vulnerability in security advisory PCSA-2026-00006, affecting an industrial automation product. No EPSS score or KEV status available at time of analysis, but the trivial exploitation requirements (network accessible, no authentication, low complexity) present immediate risk to exposed AS320T devices.

Technical ContextAI

This is a classic stack-based buffer overflow (CWE-121) occurring in directory name processing code within Delta Electronics AS320T, an industrial automation servo drive or motion control system. The vulnerability arises when the application fails to validate the length of user-supplied directory name input before copying it into a fixed-size stack buffer. When an attacker provides a directory name exceeding the allocated buffer size, adjacent stack memory is overwritten, potentially including return addresses and frame pointers. The CPE string (cpe:2.3:a:deltaww:as320t:*:*:*:*:*:*:*:*) indicates all versions of the AS320T product line may be affected, though the wildcard version field lacks specificity. Stack buffer overflows in industrial control systems are particularly concerning because these devices often run with elevated privileges and may lack modern exploit mitigations like ASLR, DEP, or stack canaries common in enterprise operating systems.

RemediationAI

Consult Delta Electronics security advisory PCSA-2026-00006 at https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00006_AS320T%20Multiple%20vulnerabilities%20(CVE-2026-1949,%201950,%201951,%201952).pdf for vendor-recommended patches and exact firmware versions addressing CVE-2026-1951. The advisory covers four related vulnerabilities affecting AS320T and should specify patched firmware release versions. Until patches are applied, implement network segmentation to isolate AS320T devices from untrusted networks using industrial firewalls or VLANs, ensuring only authenticated maintenance personnel can reach management interfaces. Deploy application-layer filtering to inspect and restrict directory name input lengths if the vulnerable interface is accessible via web or file transfer protocols - this may break legitimate functionality if directory paths exceed filtered limits. For internet-exposed devices, immediately move behind VPN access with multi-factor authentication, though the PR:N requirement suggests the vulnerability exists in unauthenticated code paths. Monitor AS320T devices for unexpected reboots, configuration changes, or network connections to unknown destinations as potential exploitation indicators.

Share

CVE-2026-1951 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy