The NCCIC has published an advisory on out-of-bounds read and use after free vulnerabilities in Delta Industrial Automation DOPSoft. DOPSoft Version 4.00.06.15 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or crash of the application. Delta recommends users update to the latest version of DOPSoft, version 4.00.06.47, and restrict interaction with the application to trusted files. The NCCIC also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.