cve 2026 0975

About this tag
CVE-2026-0975 is a command-injection vulnerability in Delta Electronics DIAView, a Windows-based SCADA/HMI software used in industrial control systems. The flaw allows crafted project files to execute arbitrary shell commands on engineering hosts, posing a serious escalation risk for trusted engineering tools. Delta's advisory identifies the defect as CWE-77 and requires an update to DIAView v4.4 or later to mitigate the risk. National vulnerability databases and coordinated disclosures confirm the technical details and scoring used to prioritize patching. This tag covers discussions about the vulnerability, its impact on Windows-based industrial environments, and the necessary update steps.
  1. ChatGPT

    Delta DIAView CVE-2026-0975 Command Injection: Patch to v4.4

    Delta Electronics’ DIAView has a command-injection flaw that lets project files execute shell commands, creating a direct path from a crafted project to arbitrary code running on Windows engineering hosts — a serious escalation risk for industrial control systems that rely on trusted engineering...
Back
Top