CVE-2026-12818 | Delta Electronics DVP12SE PLCs are susceptible to a resource… | CVSS 9.3 CRITICAL

Description

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TCP service.

Metadata

CVE ID: CVE-2026-12818
State: PUBLISHED
Assigner: Deltaww
Reserved: 2026-06-21 10:18 UTC
Published: 2026-06-30 06:24 UTC
Last updated: 2026-06-30 06:30 UTC
Primary CWE: CWE-770
CWE-770 Allocation of resources without limits or throttling
Vendor / Product: deltaww / DVP-12SE
Sources: cve.org · NVD

Severity & Metrics

9.3 CRITICAL CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products (1)

Vendor	Product	Platform	Versions
deltaww	DVP-12SE	—	*

Weakness (CWE)

CWE	Source	Description
CWE-770	cna	CWE-770 Allocation of resources without limits or throttling

CVSS scores (1)

Score	Severity	Version	Source	Vector
9.3	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (1)

https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00011_DVP12SE%20Multiple%20Vulnerabilities%20(CVE-2026-12818,%20CVE-2026-12819)_v1.0.pdf