CVE-2025-22882

ISPSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVSS 7.8 HIGHEPSS 0.3%

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.8EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

30 Apr 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Delta Electronics · ISPSoft

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00004_ISPSoft%20-%20Multiple%20Vulnerabilities_v2.pdf