CVE-2026-0975
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-16

Last updated on: 2026-01-16

Assigner: Deltaww

Description
Delta Electronics DIAView has Command Injection vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-16
Last Modified
2026-01-16
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-0975
EUVD
EUVD-2026-2977
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
delta_electronics diaview to 4.4 (exc)
delta_electronics diaview From 4.4 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-0975 is a high-severity command injection vulnerability in Delta Electronics DIAView versions 4.2.0 and earlier. It allows an attacker to execute arbitrary commands remotely through an exposed dangerous method in the DIAView product. This can lead to remote code execution on the affected system. The vulnerability has been fixed in DIAView version 4.4 and later. [1]

Impact Analysis

This vulnerability can allow an attacker to remotely execute arbitrary commands on your DIAView system, potentially leading to full compromise of the affected device. This can result in unauthorized control, data loss, or disruption of services. Since there is no workaround, affected users should upgrade to DIAView version 4.4 or later to mitigate the risk. Additionally, exposure of control systems to the internet increases risk, so network isolation and secure remote access methods are recommended. [1]

Mitigation Strategies

To mitigate this vulnerability, you should upgrade DIAView to version 4.4 or later, as the issue has been addressed in these versions. There is no workaround available. Additionally, general security recommendations include avoiding clicking on untrusted internet links or opening unsolicited email attachments, preventing exposure of control systems and equipment to the internet, placing systems behind firewalls and isolating them from business networks, and using secure remote access methods such as VPNs when remote access is necessary. [1]

Compliance Impact

The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0975. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart