Critical Vulnerability in Delta Electronics CNCSoft-G2 Allows Remote Code Execution

The Delta Electronics CNCSoft-G2 software contains a severe out-of-bounds write vulnerability (CVSS v3 score of 7.8), which allows remote code execution. This vulnerability impacts critical manufacturing infrastructure, where unauthenticated attackers could exploit it to gain full control over affected devices. The lack of specific CVE identifiers suggests the issue may be under active investigation or undisclosed. Industrial manufacturers using this software are at immediate risk, as such vulnerabilities can lead to operational disruptions, data breaches, or physical safety hazards. Defenders should prioritize updating to patched versions, implementing network segmentation, and enhancing device monitoring. This incident underscores the growing threat landscape for industrial control systems (ICS) and highlights the need for proactive cybersecurity measures in critical manufacturing sectors.