{ "document": { "acknowledgments": [ { "names": [ "Guillaume Orlando" ], "organization": "Trend Micro Zero Day Initiative", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).", "title": "Legal Notice and Terms of Use" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Taiwan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-25-296-04 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-296-04.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-25-296-04 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-04" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks" } ], "title": "Delta Electronics ASDA-Soft", "tracking": { "current_release_date": "2025-10-23T06:00:00.000000Z", "generator": { "date": "2025-10-23T16:23:40.328726Z", "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-25-296-04", "initial_release_date": "2025-10-23T06:00:00.000000Z", "revision_history": [ { "date": "2025-10-23T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "<=7.0.2.0", "product": { "name": "Delta Electronics ASDA-Soft: <=7.0.2.0", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "ASDA-Soft" } ], "category": "vendor", "name": "Delta Electronics" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-62579", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2025-62579" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.", "product_ids": [ "CSAFPID-0001" ], "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00019_ASDA-Soft%20Stack-based%20Buffer%20Overflow%20Vulnerabilities.pdf" }, { "category": "mitigation", "details": "Delta Electronics offers the following general recommendations:", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Do not click on untrusted Internet links or open unsolicited attachments in emails.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Avoid exposing control systems and equipment to the Internet.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Place systems and devices behind a firewall and isolate them from the business network.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "When remote access is required, use a secure access method, such as a virtual private network (VPN).", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.deltaww.com/en-US/Customer-Service" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2025-62580", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "Delta Electronics ASDA-Soft can write data outside of the intended memory buffer when a valid user opens a maliciously crafted project file.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2025-62580" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Delta Electronics has released an updated version of ASDA-Soft and recommends users install v7.1.1.0 or newer.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more information, see Delta Electronics advisory Delta-PCSA-2025-00019.", "product_ids": [ "CSAFPID-0001" ], "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00019_ASDA-Soft%20Stack-based%20Buffer%20Overflow%20Vulnerabilities.pdf" }, { "category": "mitigation", "details": "Delta Electronics offers the following general recommendations:", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Do not click on untrusted Internet links or open unsolicited attachments in emails.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Avoid exposing control systems and equipment to the Internet.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Place systems and devices behind a firewall and isolate them from the business network.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "When remote access is required, use a secure access method, such as a virtual private network (VPN).", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Contact Delta Electronics via their portal page for any product-related support concerns, information, or materials you may require.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.deltaww.com/en-US/Customer-Service" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }