Skip to main content

As320T

4 CVEs product

Monthly

CVE-2026-1951 CRITICAL Act Now

Unchecked directory name buffer in Delta Electronics AS320T enables remote code execution without authentication. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is a remotely exploitable stack buffer overflow (CWE-121) requiring no user interaction or credentials. Delta Electronics disclosed this vulnerability in security advisory PCSA-2026-00006, affecting an industrial automation product. No EPSS score or KEV status available at time of analysis, but the trivial exploitation requirements (network accessible, no authentication, low complexity) present immediate risk to exposed AS320T devices.

Buffer Overflow Stack Overflow As320T
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-1952 CRITICAL Act Now

Remote unauthenticated attackers can trigger denial of service in Delta Electronics AS320T industrial automation devices by invoking an undocumented subfunction. The vulnerability allows network-accessible exploitation without credentials against default configurations, potentially disrupting critical industrial control operations. Delta Electronics confirmed the flaw in PCSA-2026-00006, grouped with three other CVEs affecting the same product line.

Denial Of Service As320T
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-1950 CRITICAL Act Now

Remote code execution in Delta Electronics AS320T allows unauthenticated network attackers to exploit an unchecked buffer overflow in filename processing to execute arbitrary code with high impact to confidentiality, integrity, and availability. The CVSS 9.8 critical score reflects network-accessible attack surface with no authentication or user interaction required. No EPSS or KEV data available at time of analysis, but vendor advisory confirms multiple related vulnerabilities affecting the same product line.

Buffer Overflow Stack Overflow As320T
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-1949 CRITICAL Act Now

Remote code execution in Delta Electronics AS320T industrial automation server allows unauthenticated network attackers to trigger memory corruption via malformed GET/PUT requests to the web service. The incorrect buffer size calculation (CWE-131) enables stack-based overflow attacks against network-exposed management interfaces. With CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicating trivial exploitation conditions and CRITICAL severity, this vulnerability represents an immediate risk to industrial control systems deploying this Delta OT product, though no public exploit or active exploitation confirmed at time of analysis.

Information Disclosure As320T
NVD
CVSS 3.1
9.8
EPSS
0.0%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Unchecked directory name buffer in Delta Electronics AS320T enables remote code execution without authentication. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is a remotely exploitable stack buffer overflow (CWE-121) requiring no user interaction or credentials. Delta Electronics disclosed this vulnerability in security advisory PCSA-2026-00006, affecting an industrial automation product. No EPSS score or KEV status available at time of analysis, but the trivial exploitation requirements (network accessible, no authentication, low complexity) present immediate risk to exposed AS320T devices.

Buffer Overflow Stack Overflow As320T
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote unauthenticated attackers can trigger denial of service in Delta Electronics AS320T industrial automation devices by invoking an undocumented subfunction. The vulnerability allows network-accessible exploitation without credentials against default configurations, potentially disrupting critical industrial control operations. Delta Electronics confirmed the flaw in PCSA-2026-00006, grouped with three other CVEs affecting the same product line.

Denial Of Service As320T
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote code execution in Delta Electronics AS320T allows unauthenticated network attackers to exploit an unchecked buffer overflow in filename processing to execute arbitrary code with high impact to confidentiality, integrity, and availability. The CVSS 9.8 critical score reflects network-accessible attack surface with no authentication or user interaction required. No EPSS or KEV data available at time of analysis, but vendor advisory confirms multiple related vulnerabilities affecting the same product line.

Buffer Overflow Stack Overflow As320T
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote code execution in Delta Electronics AS320T industrial automation server allows unauthenticated network attackers to trigger memory corruption via malformed GET/PUT requests to the web service. The incorrect buffer size calculation (CWE-131) enables stack-based overflow attacks against network-exposed management interfaces. With CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicating trivial exploitation conditions and CRITICAL severity, this vulnerability represents an immediate risk to industrial control systems deploying this Delta OT product, though no public exploit or active exploitation confirmed at time of analysis.

Information Disclosure As320T
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy