CVE-2026-12819
CriticalCVSS 9.3Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
Delta Electronics DVP12SE PLC exposes a Modbus TCP service without authentication or access control, allowing unauthenticated attackers to interact with security-sensitive PLC functions.
Risk Assessment
The organization is at risk of unauthorized modifications to PLC parameters, potentially causing industrial process disruptions, equipment damage, or personnel safety hazards.
Recommendation
Immediately implement authentication and access control for the Modbus TCP service, and restrict network access to the PLC using firewalls and OT network segmentation.
Original NVD description (English source)
Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions.

