CVE-2023-4685

7.8 HIGH

📋 TL;DR

Delta Electronics' CNCSoft-B and DOPSoft software contain a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code on affected systems. This affects industrial control systems using CNCSoft-B version 1.0.0.4 or DOPSoft versions 4.0.0.82 and earlier. Successful exploitation could compromise industrial operations.

💻 Affected Systems

Products:
  • Delta Electronics CNCSoft-B
  • Delta Electronics DOPSoft
Versions: CNCSoft-B version 1.0.0.4, DOPSoft versions 4.0.0.82 and prior
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Industrial control systems using these Delta Electronics software products for CNC machine and HMI programming/configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise, allowing an attacker to execute arbitrary code, disrupt industrial processes, steal sensitive data, or pivot to other systems on the network.

🟠 Likely Case

Local privilege escalation or remote code execution if the vulnerable software is exposed to untrusted inputs, potentially leading to production disruption.

🟢 If Mitigated

Limited impact if systems are properly segmented and access controls prevent exploitation attempts.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires specific conditions in which an attacker can supply malicious input to the vulnerable software components.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to CNCSoft-B version 1.0.0.5 or later, DOPSoft version 4.0.0.83 or later

Vendor Advisory: https://www.deltaww.com/en-US/Support/Downloads/Detail?code=CNCSoft-B

Restart Required: Yes

Instructions:

1. Download the latest version from the Delta Electronics support portal.
2. Back up existing configurations.
3. Install the updated software.
4. Restart affected systems.
5. Verify functionality.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected systems from untrusted networks and implement strict firewall rules.

Least Privilege Access

windows

Restrict user permissions and implement application whitelisting to prevent unauthorized execution.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate vulnerable systems from production networks.
  • Deploy intrusion detection systems to monitor for exploitation attempts and anomalous behavior.

🔍 How to Verify

Check if Vulnerable:

Check the software version in the Help > About menu, or check the installed program version in Windows Control Panel.

Check Version:

wmic product where "name like '%CNCSoft-B%' or name like '%DOPSoft%'" get name,version

Verify Fix Applied:

Verify installed version is CNCSoft-B 1.0.0.5+ or DOPSoft 4.0.0.83+ and test software functionality.
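
The version check above can be scripted for a fleet of engineering workstations. The following PowerShell is an added example, not vendor or page-supplied code: it reads the Windows uninstall registry keys (which also list non-MSI installs) and compares each match against the fixed versions stated on this page. The DisplayName patterns and the function name Get-DeltaPatchStatus are assumptions.

```powershell
# Added example: compares installed Delta software versions with the fixed
# versions named on this page. DisplayName patterns are assumptions.
$FixedVersions = @{
    'CNCSoft-B' = [version]'1.0.0.5'
    'DOPSoft'   = [version]'4.0.0.83'
}

# Uninstall keys for 64-bit and 32-bit installers.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-DeltaPatchStatus {
    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName }
    foreach ($product in $FixedVersions.Keys) {
        foreach ($entry in $entries | Where-Object { $_.DisplayName -like "*$product*" }) {
            $installed = $null
            # DisplayVersion may be missing or not a dotted version string.
            $parsed = [version]::TryParse([string]$entry.DisplayVersion, [ref]$installed)
            $status = if (-not $parsed) {
                'UnknownVersion'
            } elseif ($installed -lt $FixedVersions[$product]) {
                'BelowFixedVersion'
            } else {
                'AtOrAboveFixedVersion'
            }
            [pscustomobject]@{
                Computer     = $env:COMPUTERNAME
                Product      = $product
                DisplayName  = $entry.DisplayName
                Installed    = $entry.DisplayVersion
                FixedVersion = $FixedVersions[$product]
                Status       = $status
            }
        }
    }
}

Get-DeltaPatchStatus | Format-Table -AutoSize
```

Entries reported as UnknownVersion should be confirmed by hand in the Help > About menu.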

📡 Detection & Monitoring

Log Indicators:

  • Application crashes, unexpected process terminations, abnormal memory usage patterns in CNCSoft-B/DOPSoft

Network Indicators:

  • Unusual network connections from CNC/HMI systems, unexpected outbound traffic

SIEM Query:

source="windows" AND (process_name="CNCSoft-B.exe" OR process_name="DOPSoft.exe") AND (event_id=1000 OR event_id=1001)
