HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Critical Remote Code Execution in Delta Electronics ASDA‑Soft (CVE‑2026‑1361) via PAR File Parsing

Delta Electronics’ ASDA‑Soft contains a stack‑based buffer overflow (CVE‑2026‑1361) that allows remote code execution when a malicious PAR file is opened. The vulnerability scores 7.8 CVSS and impacts manufacturers and OEMs that embed ASDA‑Soft in their production lines, creating a supply‑chain risk for downstream customers.

LiveThreat™ Intelligence · 📅 March 17, 2026· 📰 zerodayinitiative.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
5 recommended
📰
Source
zerodayinitiative.com

Critical Remote Code Execution in Delta Electronics ASDA‑Soft (CVE‑2026‑1361) via PAR File Parsing

What It Is – A stack‑based buffer overflow in the PAR file parser of Delta Electronics’ ASDA‑Soft allows a remote attacker to execute arbitrary code. The flaw (CVE‑2026‑1361) scores 7.8 CVSS (High) and requires the victim to open a malicious PAR file or visit a crafted page.

Exploitability – Public advisory released 16 Mar 2026; no public PoC yet, but the vulnerability is actively exploitable once a malicious file is delivered.

Affected Products – Delta Electronics ASDA‑Soft (all versions prior to the vendor‑issued patch).

TPRM Impact – ASDA‑Soft is often embedded in industrial control and IoT deployments supplied to manufacturers, OEMs, and managed service providers. A successful exploit can compromise downstream customers, create a supply‑chain foothold, and lead to service disruption or data leakage across multiple organizations.

Recommended Actions

  • Patch immediately – Deploy Delta’s security update referenced in the advisory.
  • Inventory – Identify all assets running ASDA‑Soft across your vendor ecosystem; prioritize critical production systems.
  • Network Segmentation – Restrict inbound traffic to systems that process PAR files; enforce application‑layer filtering.
  • User Awareness – Train end‑users and third‑party operators to avoid opening unsolicited PAR files.
  • Monitor – Enable IDS/IPS signatures for the known exploit patterns and log any abnormal process launches.

Source: Zero Day Initiative Advisory ZDI‑26‑211

📰 Original Source
http://www.zerodayinitiative.com/advisories/ZDI-26-211/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →