← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-38406 — Actively Exploited: DOPSoft 2 (Delta Electronics)

Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.

CVE IDCVE-2021-38406
VendorDelta Electronics
ProductDOPSoft 2
Vulnerability nameDelta Electronics DOPSoft 2 Improper Input Validation Vulnerability
Date added2022-08-25
Remediation due2022-09-15
Known ransomware useUnknown
Required actionThe impacted product is end-of-life and should be disconnected if still in use.
DescriptionDelta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →