KEVIntel

Vulnerability detail

Enriched intelligence for a single CVE

Back to KEVs

7.8

CVSS
High

CVE-2021-38406

PUBLISHED

Delta Electronics DOPSoft 2 Out-of-Bounds Write

Exploited in the wild Low complexity

Vendor: Delta Electronics
Product: DOPSoft 2
Published: Sep 17, 2021
EPSS: —

Description

Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.

cisa nessus_scanner

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2022-08-25 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-252-02

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Aug 25, 2022

Scanner integrations

Scanner	Reference	Detected
Nessus	https://www.tenable.com/plugins/nessus/164640	Jun 02, 2025

Timeline

CVE ID Reserved

August 10, 2021
CVE Published to Public

September 17, 2021
Added to KEVIntel

August 25, 2022
Detected by Nessus

June 02, 2025