Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

COMMGR

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-53419
Assigner-Delta Electronics, Inc.
ShareView Details
Assigner-Delta Electronics, Inc.
CVSS Score-7.8||HIGH
EPSS-Not Assigned
Published-26 Aug, 2025 | 07:02
Updated-26 Aug, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
COMMGR Code Injection Vulnerability

Delta Electronics COMMGR has Code Injection vulnerability.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-COMMGR
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-53418
Assigner-Delta Electronics, Inc.
ShareView Details
Assigner-Delta Electronics, Inc.
CVSS Score-8.6||HIGH
EPSS-Not Assigned
Published-26 Aug, 2025 | 06:54
Updated-26 Aug, 2025 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
COMMGR Stack-based Buffer Overflow Vulnerability

Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-COMMGR
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-3495
Assigner-Delta Electronics, Inc.
ShareView Details
Assigner-Delta Electronics, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.14% / 33.94%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 03:10
Updated-19 Aug, 2025 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
COMMGR - Insufficient Randomization Authentication Bypass

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-COMMGR
CWE ID-CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)