CVE-2021-32965

7.8 HIGH

📋 TL;DR

Delta Electronics DIAScreen versions prior to 1.1.0 contain a type confusion vulnerability that could allow remote attackers to execute arbitrary code on affected systems. This affects industrial control systems using vulnerable DIAScreen software for HMI/SCADA applications. Attackers could potentially gain control of industrial processes.

💻 Affected Systems

Products:
  • Delta Electronics DIAScreen
Versions: All versions prior to 1.1.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Typically deployed in industrial control environments for HMI/SCADA applications.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of industrial control systems leading to physical process manipulation, production disruption, safety system bypass, or environmental damage.

🟠 Likely Case

Remote code execution allowing attackers to install malware, exfiltrate sensitive industrial data, or disrupt HMI/SCADA operations.

🟢 If Mitigated

Limited impact if systems are air-gapped, properly segmented, and have strict access controls preventing external communication.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Type confusion vulnerabilities typically require specific knowledge of the software's memory layout and object structures.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.1.0

Vendor Advisory: https://www.cisa.gov/uscert/ics/advisories/icsa-21-208-05

Restart Required: Yes

Instructions:

1. Download DIAScreen version 1.1.0 from Delta Electronics
2. Back up current configuration and data
3. Install the updated version following vendor instructions
4. Restart the system
5. Verify successful installation

🔧 Temporary Workarounds

Network Segmentation

all

Isolate DIAScreen systems from untrusted networks and internet access

Firewall Restrictions

all

Implement strict firewall rules to limit inbound connections to DIAScreen systems

🧯 If You Can't Patch

  • Implement strict network segmentation and air-gap vulnerable systems from untrusted networks
  • Deploy application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check the DIAScreen version in the application interface or in the file properties of the executable in the installation directory

Check Version:

Check the application version through the DIAScreen interface or Windows Programs and Features

Verify Fix Applied:

Verify that the DIAScreen version shows 1.1.0 or higher in application properties

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from DIAScreen executable
  • Network connections from DIAScreen to unexpected destinations
  • Application crashes or unexpected behavior in DIAScreen

Network Indicators:

  • Unexpected network traffic to/from DIAScreen systems
  • Suspicious protocol usage targeting DIAScreen ports

SIEM Query:

Process creation where parent process contains 'DIAScreen' AND (process name contains 'cmd.exe' OR 'powershell.exe' OR 'wscript.exe')
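
The query above, applied to process-creation records, as an added example that is not part of the original advisory or any vendor tooling. It assumes the events are exported as JSON lines with Sysmon Event ID 1 field names (`ParentImage`, `Image`, `CommandLine`); the sample events, host names and install path are constructed.

```python
import json
import ntpath

# Child process names taken from the page's SIEM query.
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe"}

# Constructed sample events (not real telemetry), shaped like Sysmon
# Event ID 1 records exported as JSON lines. Paths and hosts are assumed.
SAMPLE_EVENTS = r"""
{"EventID": 1, "Computer": "HMI-01", "ParentImage": "C:\\Apps\\DIAScreen\\DIAScreen.exe", "Image": "C:\\Windows\\System32\\cmd.exe", "CommandLine": "cmd.exe /c whoami"}
{"EventID": 1, "Computer": "HMI-01", "ParentImage": "C:\\Windows\\explorer.exe", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "CommandLine": "powershell.exe"}
{"EventID": 1, "Computer": "HMI-02", "ParentImage": "C:\\APPS\\DIASCREEN\\DIASCREEN.EXE", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShell.EXE", "CommandLine": "powershell.exe -File report.ps1"}
{"EventID": 1, "Computer": "HMI-02", "ParentImage": "C:\\Apps\\DIAScreen\\DIAScreen.exe", "Image": "C:\\Windows\\splwow64.exe", "CommandLine": "splwow64.exe 8192"}
{"EventID": 3, "Computer": "HMI-01", "Image": "C:\\Apps\\DIAScreen\\DIAScreen.exe"}
{"EventID": 1, "Computer": "HMI-01", "ParentImage": "C:\\Apps\\DIAScr
"""


def find_suspicious_children(lines):
    """Return (host, child name, command line) for each matching event."""
    hits = []
    for line in lines.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or malformed records
        if not isinstance(ev, dict) or ev.get("EventID") != 1:
            continue  # only process-creation events carry ParentImage
        # "parent process contains 'DIAScreen'", compared case-insensitively
        parent = (ev.get("ParentImage") or "").lower()
        # Child is matched on its exact file name, which is stricter than the
        # query's "contains" and avoids hits on names such as notcmd.exe.
        child = ntpath.basename(ev.get("Image") or "").lower()
        if "diascreen" in parent and child in SUSPICIOUS_CHILDREN:
            hits.append((ev.get("Computer"), child, ev.get("CommandLine")))
    return hits


if __name__ == "__main__":
    for host, child, cmdline in find_suspicious_children(SAMPLE_EVENTS):
        print(f"ALERT {host}: DIAScreen spawned {child}: {cmdline}")
```

Matches from this rule are a triage signal rather than proof of exploitation; confirm against the crash and network indicators listed above.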
