CVE Catalog

CVE-2026-12818

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

Delta Electronics DVP12SE PLCs are vulnerable to an unlimited resource allocation attack in their Modbus TCP service. The lack of limits or throttling can lead to resource exhaustion.

Risk Assessment

An attacker can remotely overload the PLC, causing a denial of service (DoS) that disrupts industrial processes and may result in production downtime.

Recommendation

Restrict Modbus TCP service access to trusted networks only and apply firewall rules. Update the PLC firmware when patches are released by the vendor.

Original NVD description (English source)

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TCP service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS