An attacker who tricks an engineer into opening a malicious configuration file can gain full control of the engineering workstation, potentially reaching connected servo drive systems and disrupting manufacturing or industrial operations. For organizations using ASDA-series drives in production lines, a successful compromise could halt operations, cause equipment misconfiguration, or introduce safety risks in physical processes. While no active exploitation has been reported, the combination of a publicly disclosed vulnerability and a file-based attack vector means the window for social-engineering attempts targeting OT engineers is open until patches are applied.
You Are Affected If
You run Delta Electronics ASDA-Soft versions prior to v7.2.6.0 on any engineering or configuration workstation
Your engineering workstations receive project or configuration files from external parties (vendors, contractors, removable media) without file validation controls
ASDA-Soft workstations are not segmented from broader corporate or OT networks, increasing lateral movement risk if a host is compromised
Your engineering staff have local administrator rights on ASDA-Soft workstations, which would amplify the impact of arbitrary code execution
Your asset inventory does not currently track ICS configuration software versions, making it unclear whether unpatched instances exist in your environment
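The criteria above can be applied to an asset inventory export, as in the following added example (not vendor or advisory tooling). The CSV column names, host names and values are constructed assumptions; only the v7.2.6.0 threshold comes from this page.

```python
import csv
import io

PATCHED = (7, 2, 6, 0)  # first fixed ASDA-Soft release named on this page

# (column, risky value, label): conditions the list above says raise exposure.
AMPLIFIERS = [("local_admin", "yes", "local admin rights"),
              ("segmented", "no", "not segmented"),
              ("external_files", "yes", "receives external files")]

# Constructed sample inventory export; column names are assumptions.
SAMPLE_INVENTORY = """\
host,asda_soft_version,local_admin,segmented,external_files
eng-ws-01,v7.2.4.0,yes,no,yes
eng-ws-02,7.2.6.0,no,yes,no
eng-ws-03,,yes,yes,yes
eng-ws-04,V7.10.0.0,no,yes,no
eng-ws-05,7.2,no,yes,yes
"""

def parse_version(text):
    """Return a 4-part integer tuple, or None if missing or unparseable."""
    text = text.strip().lstrip("vV")
    if not text:
        return None
    try:
        parts = [int(p) for p in text.split(".")]
    except ValueError:
        return None
    # Pad short versions ("7.2" -> 7.2.0.0) so tuples compare numerically.
    return tuple(parts + [0] * (4 - len(parts)))[:4]

def triage(inventory_csv):
    """Map each host to (status, amplifiers) using the criteria listed above."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = parse_version(row["asda_soft_version"])
        if version is None:
            status = "unknown"  # untracked version: unverified, not safe
        elif version < PATCHED:
            status = "vulnerable"
        else:
            status = "patched"
        amplifiers = [] if status == "patched" else [
            label for col, risky, label in AMPLIFIERS
            if row[col].strip().lower() == risky]
        results[row["host"]] = (status, amplifiers)
    return results

if __name__ == "__main__":
    for host, (status, amplifiers) in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}", "; ".join(amplifiers))
```

Hosts with a blank or unparseable version are reported as "unknown" rather than assumed patched, which matches the inventory gap described in the last criterion.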
Board Talking Points
A publicly disclosed security flaw in industrial configuration software used with our servo drive systems could allow an attacker to take control of an engineering workstation if a technician opens a malicious file.
Security teams should upgrade the affected software to the patched version (v7.2.6.0) within the next patch cycle, prioritizing any workstations that handle external configuration files.
Without patching, a targeted phishing or file-delivery attempt against an OT engineer could result in operational disruption or unauthorized access to drive configuration systems.