You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 0975
About this tag
CVE-2026-0975 is a command-injection vulnerability in Delta Electronics DIAView, a Windows-based SCADA/HMI software used in industrial control systems. The flaw allows crafted project files to execute arbitrary shell commands on engineering hosts, posing a serious escalation risk for trusted engineering tools. Delta's advisory identifies the defect as CWE-77 and requires an update to DIAView v4.4 or later to mitigate the risk. National vulnerability databases and coordinated disclosures confirm the technical details and scoring used to prioritize patching. This tag covers discussions about the vulnerability, its impact on Windows-based industrial environments, and the necessary update steps.
Delta Electronics’ DIAView has a command-injection flaw that lets project files execute shell commands, creating a direct path from a crafted project to arbitrary code running on Windows engineering hosts — a serious escalation risk for industrial control systems that rely on trusted engineering...