CVE-2026-0975 is a command injection vulnerability classified under CWE-77 affecting Delta Electronics DIAView, a software product used for industrial automation and control. The vulnerability arises from improper neutralization of special elements in user-supplied input, allowing an attacker to inject and execute arbitrary OS commands. According to the CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), exploitation requires local access (AV:L), low attack complexity (AC:L), no privileges (PR:N), and user interaction (UI:R). The scope is unchanged (S:U), but successful exploitation can lead to complete compromise of confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability affects all versions of DIAView, with no patches currently available. Although no known exploits are reported in the wild, the potential impact is significant, especially in industrial environments where DIAView is deployed for monitoring and controlling critical processes. Attackers could leverage this flaw to execute arbitrary commands, potentially disrupting operations, stealing sensitive data, or causing physical damage through control systems. The vulnerability was published on January 16, 2026, and assigned by Deltaww. Given the nature of the product and the vulnerability, this represents a serious threat to industrial control system security.

For European organizations, especially those in manufacturing, energy, utilities, and critical infrastructure sectors that rely on Delta Electronics DIAView for industrial automation, this vulnerability poses a severe risk. Exploitation could lead to unauthorized command execution, resulting in data breaches, operational disruption, and potential physical damage to industrial equipment. The compromise of confidentiality could expose sensitive operational data or intellectual property. Integrity breaches could allow attackers to manipulate control commands, causing unsafe conditions or production errors. Availability impacts could lead to downtime or denial of service in critical processes. Given the interconnected nature of industrial systems in Europe and the increasing adoption of automation technologies, this vulnerability could have cascading effects on supply chains and national infrastructure resilience. The requirement for local access and user interaction somewhat limits remote exploitation but insider threats or compromised local machines remain a significant concern.

Organizations should prioritize monitoring for unusual command execution activity on systems running DIAView and restrict local access to trusted personnel only. Implement network segmentation to isolate DIAView systems from general IT networks and limit user privileges to the minimum necessary. Employ application whitelisting and endpoint detection and response (EDR) tools to detect and block suspicious command execution attempts. Since no patches are currently available, consider deploying compensating controls such as input validation proxies or wrappers around DIAView interfaces to sanitize inputs. Conduct thorough audits of user accounts and sessions to detect potential misuse. Prepare incident response plans specifically addressing industrial control system compromises. Engage with Delta Electronics for timely updates and patches, and plan for rapid deployment once available. Additionally, educate users about the risks of interacting with untrusted inputs or files that could trigger the vulnerability.