CVE-2026-0975

High

Published: 16 January 2026

Published

16 January 2026

Modified

20 January 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0003 7.7th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-0975 is a high-severity Command Injection (CWE-77) vulnerability in Deltaww Diaview. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 7.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Command and Scripting Interpreter (T1059) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the command injection vulnerability in Delta Electronics DIAView by requiring timely identification, testing, and application of vendor-provided patches from advisory PCSA-2026-00002.

SI-10 Information Input Validation good match

prevent

Prevents command injection attacks by enforcing validation of all information inputs to DIAView, blocking malicious commands tricked via user interaction such as opening crafted files.

AC-6 Least Privilege partial match

prevent

Limits the impact of successful command injection and arbitrary command execution by enforcing least privilege on DIAView processes, reducing potential damage to confidentiality, integrity, and availability.

MITRE ATT&CK Enterprise TechniquesAI

T1059 Command and Scripting Interpreter Execution

Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

attack.mitre.org →

T1203 Exploitation for Client Execution Execution

Adversaries may exploit software vulnerabilities in client applications to execute code.

attack.mitre.org →

T1204.002 Malicious File Execution

An adversary may rely upon a user opening a malicious file in order to gain execution.

attack.mitre.org →

Why these techniques?

Command injection directly enables arbitrary command execution (T1059); local client-side exploitation via malicious file or crafted input matches client execution (T1203) and user execution of malicious file (T1204.002).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Delta Electronics DIAView has Command Injection vulnerability.

Deeper analysisAI

CVE-2026-0975 is a Command Injection vulnerability (CWE-77) affecting Delta Electronics DIAView software. Published on 2026-01-16, it has a CVSS v3.1 base score of 7.8 (High), with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, no privileges required, but user interaction is necessary, resulting in high impacts to confidentiality, integrity, and availability.

An attacker with local access to a system running the affected DIAView software can exploit this vulnerability by tricking a user into performing a specific action, such as opening a malicious file or executing a crafted command. Successful exploitation allows the attacker to inject and execute arbitrary commands, potentially leading to full remote code execution with high-impact consequences on the targeted system.

Delta Electronics has published security advisory PCSA-2026-00002, available at https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00002_DIAView%20-Exposed%20Dangerous%20Method%20Remote%20Code%20Execution%20(CVE-2026-0975).pdf, which details the issue as an exposed dangerous method enabling remote code execution and provides guidance on mitigation.