Critical Buffer Overflow Hits Delta Electronics AS320T

/CRITICAL /CVSS 9.8/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvecriticalhigh-severitycwe-121
Critical Buffer Overflow Hits Delta Electronics AS320T

The National Vulnerability Database (NVD) has disclosed a critical buffer overflow vulnerability, CVE-2026-1950, affecting Delta Electronics AS320T devices. This flaw, rated with a CVSSv3.1 score of 9.8 (CRITICAL), stems from a lack of proper buffer length checking when handling filenames.

This is a textbook CWE-121 (Stack-based Buffer Overflow) scenario. An attacker could craft a malicious filename to overflow the buffer, leading to arbitrary code execution or a denial of service. The attack vector is network-based with low attack complexity and no privileges or user interaction required, making it extremely dangerous. The impact on confidentiality, integrity, and availability is rated as high.

For defenders, this means any exposed AS320T devices are prime targets. Given the nature of these systems, often found in industrial control environments, the implications are severe. Attackers are constantly looking for high-impact, low-effort vulnerabilities, and this fits the bill perfectly. Prioritize patching or isolation immediately.

What This Means For You

  • If your organization utilizes Delta Electronics AS320T devices, you need to understand the critical risk posed by CVE-2026-1950. This is a remote code execution waiting to happen. Identify all AS320T instances within your network, especially those exposed to the internet, and isolate or patch them without delay. Conduct a thorough audit to ensure no unauthorized access has already occurred.
🛡️ Am I exposed to this? Get detection rules for CVE-2026-1950 — Splunk, Sentinel, Elastic, QRadar & more

Related ATT&CK Techniques

T1190 Exploit Public-Facing Application Initial Access

🛡️ Detection Rules

4 rules · 6 SIEM formats

4 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1190 Initial Access

Web Application Exploitation Attempt — CVE-2026-1950

Sigma YAML — free preview
✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Indicators of Compromise

IDTypeIndicator
CVE-2026-1950 Buffer Overflow Delta Electronics AS320T
CVE-2026-1950 Buffer Overflow No checking of the length of the buffer with the file name

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 24, 2026 at 10:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related Posts

CVE-2026-4078 — Cross-Site Scripting (XSS)

CVE-2026-4078 — The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3569 — The Liaison Site Prober plugin for WordPress is vulnerable

CVE-2026-3569 — The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3565 — The Taqnix plugin for WordPress is vulnerable to Cross-Site

CVE-2026-3565 — The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma