Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Delta Electronics AS320T has no checking of the length of the buffer with the directory name
vulnerability.
AnalysisAI
Unchecked directory name buffer in Delta Electronics AS320T enables remote code execution without authentication. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is a remotely exploitable stack buffer overflow (CWE-121) requiring no user interaction or credentials. Delta Electronics disclosed this vulnerability in security advisory PCSA-2026-00006, affecting an industrial automation product. No EPSS score or KEV status available at time of analysis, but the trivial exploitation requirements (network accessible, no authentication, low complexity) present immediate risk to exposed AS320T devices.
Technical ContextAI
This is a classic stack-based buffer overflow (CWE-121) occurring in directory name processing code within Delta Electronics AS320T, an industrial automation servo drive or motion control system. The vulnerability arises when the application fails to validate the length of user-supplied directory name input before copying it into a fixed-size stack buffer. When an attacker provides a directory name exceeding the allocated buffer size, adjacent stack memory is overwritten, potentially including return addresses and frame pointers. The CPE string (cpe:2.3:a:deltaww:as320t:*:*:*:*:*:*:*:*) indicates all versions of the AS320T product line may be affected, though the wildcard version field lacks specificity. Stack buffer overflows in industrial control systems are particularly concerning because these devices often run with elevated privileges and may lack modern exploit mitigations like ASLR, DEP, or stack canaries common in enterprise operating systems.
RemediationAI
Consult Delta Electronics security advisory PCSA-2026-00006 at https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00006_AS320T%20Multiple%20vulnerabilities%20(CVE-2026-1949,%201950,%201951,%201952).pdf for vendor-recommended patches and exact firmware versions addressing CVE-2026-1951. The advisory covers four related vulnerabilities affecting AS320T and should specify patched firmware release versions. Until patches are applied, implement network segmentation to isolate AS320T devices from untrusted networks using industrial firewalls or VLANs, ensuring only authenticated maintenance personnel can reach management interfaces. Deploy application-layer filtering to inspect and restrict directory name input lengths if the vulnerable interface is accessible via web or file transfer protocols - this may break legitimate functionality if directory paths exceed filtered limits. For internet-exposed devices, immediately move behind VPN access with multi-factor authentication, though the PR:N requirement suggests the vulnerability exists in unauthenticated code paths. Monitor AS320T devices for unexpected reboots, configuration changes, or network connections to unknown destinations as potential exploitation indicators.
Remote code execution in Delta Electronics AS320T allows unauthenticated network attackers to exploit an unchecked buffe
Remote unauthenticated attackers can trigger denial of service in Delta Electronics AS320T industrial automation devices
Remote code execution in Delta Electronics AS320T industrial automation server allows unauthenticated network attackers
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25403
GHSA-cc2v-9v42-3c8q