Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.
The vulnerability (CWE-912) is related to the presence of hidden, undocumented functionality in the Delta Electronics AS320T device. An attacker can send an appropriately crafted request to this subfunction over the network, without needing to possess any credentials or user interaction. The result is destabilization or complete shutdown of the device.
An attacker can cause the Delta Electronics AS320T device to become unavailable, which in industrial environments may result in interruption of automation and control processes. The attack does not require authentication or physical access to the device.
Security patches available from the manufacturer should be applied according to the references — security bulletin Delta-PCSA-2026-00006 available at the address indicated in the references section. Until patches are deployed, it is recommended to isolate AS320T devices from untrusted networks and restrict network access exclusively to authorized hosts.
Delta Electronics AS320T — specific firmware/hardware versions are indicated in the manufacturer's references (bulletin Delta-PCSA-2026-00006)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDeltaww As320t
HWDeltawwwszystkie wersjeDeltaww As320t Firmware
OSDeltaww< 1.16
Related vulnerabilities
Delta Electronics AS320T — błędna kalkulacja rozmiaru bufora w handlerze GET/PUT
Delta Electronics AS320T — przepełnienie bufora stosu przez nazwę pliku
Delta Electronics AS320T — przepełnienie bufora przez nazwę katalogu (stack-based buffer overflow)
Stack-based Buffer Overflow w Delta Electronics COMMGR2
Delta Electronics DIAView — krytyczne podatności (CVE-2025-62581)