CVE Catalog
CVE-2026-12818
CriticalCVSS 9.3Exploitation Probability (EPSS)
Low risk0.25%
16th percentile — higher than 16% of all known CVEs
Summary
Delta Electronics DVP12SE PLCs are vulnerable to an unlimited resource allocation attack in their Modbus TCP service. The lack of limits or throttling can lead to resource exhaustion.
Risk Assessment
An attacker can remotely overload the PLC, causing a denial of service (DoS) that disrupts industrial processes and may result in production downtime.
Recommendation
Restrict Modbus TCP service access to trusted networks only and apply firewall rules. Update the PLC firmware when patches are released by the vendor.
Original NVD description (English source)
Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TCP service.

