CVE-2025-4124— ISPSoft File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-4124
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ISPSoft File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存写
Source: NVD (National Vulnerability Database)
Vulnerability Title
Delta Electronics ISPSoft 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Delta Electronics ISPSoft是中国台达电子(Delta Electronics)公司的一套PLC(可编程逻辑控制器)编程软件。 Delta Electronics ISPSoft 3.20版本存在安全漏洞,该漏洞源于解析ISP文件时存在越界写入,可能导致执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Delta Electronics | ISPSoft | 0 ~ 3.20 | - |
II. Public POCs for CVE-2025-4124
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-4124
请登录查看更多情报信息。
Same Patch Batch · Delta Electronics · 2025-04-30 · 5 CVEs total
| CVE-2025-4125 | 7.8 HIGH | ISPSoft File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2025-22884 | 7.8 HIGH | ISPSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-22883 | 7.8 HIGH | ISPSoft File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2025-22882 | 7.8 HIGH | ISPSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
IV. Related Vulnerabilities
Same product: ISPSoft
- CVE-2025-4125
ISPSoft File Parsing Out-Of-Bounds Write Remote Code Executi - CVE-2025-22884
ISPSoft File Parsing Stack-based Buffer Overflow Remote Code - CVE-2025-22883
ISPSoft File Parsing Out-Of-Bounds Write Remote Code Executi - CVE-2025-22882
ISPSoft File Parsing Stack-based Buffer Overflow Remote Code - CVE-2023-5131
Delta Electronics ISPSoft Heap Buffer-Overflow
Same vendor: Delta Electronics
- CVE-2026-1361
ASDA-Soft Stack-based Buffer Overflow Vulnerability - CVE-2026-0975
DIAView - Command Injection Vulnerability - CVE-2025-62581
DIAView - Authentication Bypass Vulnerability - CVE-2025-62582
DIAView - Authentication Bypass Vulnerability - CVE-2025-15359
DVP-12SE11T - Out-of-bound memory write Vulnerability
V. Comments for CVE-2025-4124
No comments yet