CVE-2025-53418 - Vulnerability Details - OpenCVE

Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00054.

Exploitation none

Automatable no

Technical Impact total

No data.

No data.

No data.

No data.

Fixes

Solution

Download and update COMMGR to: v2.10.0 or later

Workaround

No workaround given by the vendor.

References

Link	Providers
https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00014_COMMGR%20Stack-based%20Buffer%20Overflow%20and%20Code%20Injection%20Vulnerabilities.pdf

History

Tue, 26 Aug 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 26 Aug 2025 07:15:00 +0000

Type	Values Removed	Values Added
Description		Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.
Title		COMMGR Stack-based Buffer Overflow Vulnerability
Weaknesses		CWE-121
References		https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00014_COMMGR%20Stack-based%20Buffer%20Overflow%20and%20Code%20Injection%20Vulnerabilities.pdf
Metrics		cvssV3_1 `{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Deltaww

Published: 2025-08-26T06:54:44.655Z

Updated: 2025-08-26T19:32:16.868Z

Reserved: 2025-06-30T08:06:53.587Z

Link: CVE-2025-53418

Vulnrichment

Updated: 2025-08-26T19:32:09.418Z

NVD

Status : Awaiting Analysis

Published: 2025-08-26T07:15:33.437

Modified: 2025-08-26T13:41:58.950

Link: CVE-2025-53418

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-53418", "assignerOrgId": "759f5e80-c8e1-4224-bead-956d7b33c98b", "state": "PUBLISHED", "assignerShortName": "Deltaww", "dateReserved": "2025-06-30T08:06:53.587Z", "datePublished": "2025-08-26T06:54:44.655Z", "dateUpdated": "2025-08-26T19:32:16.868Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "COMMGR", "vendor": "Delta Electronics", "versions": [{"lessThanOrEqual": "2.9.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2025-08-26T06:54:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability."}], "value": "Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "759f5e80-c8e1-4224-bead-956d7b33c98b", "shortName": "Deltaww", "dateUpdated": "2025-08-26T06:54:44.655Z"}, "references": [{"url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00014_COMMGR%20Stack-based%20Buffer%20Overflow%20and%20Code%20Injection%20Vulnerabilities.pdf"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Download and update COMMGR to: v2.10.0 or later"}], "value": "Download and update COMMGR to: v2.10.0 or later"}], "source": {"defect": ["CISA"], "discovery": "EXTERNAL"}, "title": "COMMGR Stack-based Buffer Overflow Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-26T19:31:02.727838Z", "id": "CVE-2025-53418", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-26T19:32:16.868Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-53418", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-26T19:31:02.727838Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-26T19:32:09.418Z"}}], "cna": {"title": "COMMGR Stack-based Buffer Overflow Vulnerability", "source": {"defect": ["CISA"], "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Delta Electronics", "product": "COMMGR", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.9.0"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Download and update COMMGR to: v2.10.0 or later", "supportingMedia": [{"type": "text/html", "value": "Download and update COMMGR to: v2.10.0 or later", "base64": false}]}], "datePublic": "2025-08-26T06:54:00.000Z", "references": [{"url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00014_COMMGR%20Stack-based%20Buffer%20Overflow%20and%20Code%20Injection%20Vulnerabilities.pdf"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "759f5e80-c8e1-4224-bead-956d7b33c98b", "shortName": "Deltaww", "dateUpdated": "2025-08-26T06:54:44.655Z"}}}, "cveMetadata": {"cveId": "CVE-2025-53418", "state": "PUBLISHED", "dateUpdated": "2025-08-26T19:32:16.868Z", "dateReserved": "2025-06-30T08:06:53.587Z", "assignerOrgId": "759f5e80-c8e1-4224-bead-956d7b33c98b", "datePublished": "2025-08-26T06:54:44.655Z", "assignerShortName": "Deltaww"}, "dataVersion": "5.1"}