Description
ASDA-Soft Stack-based Buffer Overflow Vulnerability
Published: 2026-04-08
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Possible arbitrary code execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a stack‑based buffer overflow in the ASDA‑Soft application. The overflow can allow an attacker to overwrite the stack and potentially inject and execute malicious code, which may lead to a compromise of confidentiality, integrity, or availability. The impact is inferred from the nature of the bug and typical exploitation of stack overflows.

Affected Systems

DeltaWW ASDA‑Soft running on Windows is affected. Any installation older than version 7.2.6.0 is vulnerable, and the vendor recommends upgrading to 7.2.6.0 or later.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity. The EPSS score of less than 1% suggests a low probability of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. Attackers are inferred to need access to the vulnerable ASDA‑Soft process, either through local user privileges or potentially via untrusted input, to trigger the overflow. The official remedy is to apply the available patch, which is the primary mitigation.

Generated by OpenCVE AI on April 13, 2026 at 14:50 UTC.

Remediation

Vendor Solution

Download and update to: ASDA-Soft v7.2.6.0 or later (Delta Download Center)

OpenCVE Recommended Actions

  • Update ASDA‑Soft to version 7.2.6.0 or later using the Delta Download Center.

Generated by OpenCVE AI on April 13, 2026 at 14:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Apr 2026 13:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
CPEs cpe:2.3:a:deltaww:asda_soft:*:*:*:*:*:*:*:*

Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Deltaww asda Soft
Vendors & Products Deltaww asda Soft

Wed, 08 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 08 Apr 2026 02:30:00 +0000

Type Values Removed Values Added
Description ASDA-Soft Stack-based Buffer Overflow Vulnerability
Title ASDA-Soft Stack-based Buffer Overflow Vulnerability
First Time appeared Deltaww
Deltaww asda-soft
Weaknesses CWE-121
CPEs cpe:2.3:a:deltaww:asda-soft:*:*:windows:*:*:*:*:*
Vendors & Products Deltaww
Deltaww asda-soft
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Deltaww Asda-soft Asda Soft
cve-icon MITRE

Status: PUBLISHED

Assigner: Deltaww

Published:

Updated: 2026-04-08T15:58:11.280Z

Reserved: 2026-04-07T08:41:00.448Z

Link: CVE-2026-5726

cve-icon Vulnrichment

Updated: 2026-04-08T15:58:05.530Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-08T03:16:07.700

Modified: 2026-04-13T12:49:03.307

Link: CVE-2026-5726

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:40:12Z

Weaknesses