Cyber Posture

CVE-2026-1950

Critical

Published: 24 April 2026

Published
24 April 2026
Modified
24 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0006 17.4th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-1950 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Deltaww (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Enforces validation of file name inputs, including length checks, to directly prevent stack-based buffer overflows from insufficient bounds checking.

SI-2 Flaw Remediation good match
prevent

Requires identification, reporting, and correction of flaws like this buffer overflow vulnerability through timely patching as per the vendor advisory.

SI-16 Memory Protection good match
prevent

Implements memory safeguards such as non-executable stacks and address randomization to mitigate exploitation of stack-based buffer overflows even if input validation fails.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Remote unauthenticated stack buffer overflow enabling arbitrary code execution on a public-facing ICS device directly maps to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.

Deeper analysisAI

CVE-2026-1950 is a stack-based buffer overflow vulnerability (CWE-121) in Delta Electronics AS320T, caused by a lack of length checking for the buffer handling file names. Published on 2026-04-24, it affects this specific industrial control system component and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical severity.

A remote attacker requires no privileges or user interaction and can exploit the vulnerability over the network with low attack complexity. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially allowing arbitrary code execution or system disruption on the affected AS320T device.

Delta Electronics has published security advisory PCSA-2026-00006, which covers CVE-2026-1950 alongside related vulnerabilities CVE-2026-1949, 1951, and 1952 in the AS320T. The advisory is available at https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00006_AS320T%20Multiple%20vulnerabilities%20(CVE-2026-1949,%201950,%201951,%201952).pdf.

Details

CWE(s)
CWE-121

Affected Products

Deltaww
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-70219Shared CWE-121
CVE-2025-61128Shared CWE-121
CVE-2019-25319Shared CWE-121
CVE-2026-22904Shared CWE-121
CVE-2026-30871Shared CWE-121
CVE-2025-70222Shared CWE-121
CVE-2025-41687Shared CWE-121
CVE-2026-22214Shared CWE-121
CVE-2025-70226Shared CWE-121
CVE-2025-11779Shared CWE-121

References