Critical

Password Protection Bypass in Delta Electronics DVP-12SE11T PLC

Identifiers: CVE-2025-15102; CWE-288 · Authentication Bypass Using an…

CVE-2025-15102 is a critical authentication bypass vulnerability affecting the Delta Electronics DVP-12SE11T programmable logic controller (PLC). The issue is described as an authentication enforcement failure in a security-critical code path that allows password protection to be bypassed by sending specially crafted packets under certain conditions. The flaw is remotely exploitable over the network, requires no prior authentication, and does not require user interaction. Available reporting classifies the issue as CWE-288, indicating authentication bypass via an alternate path or channel. In an OT context, successful exploitation could permit unauthorized interaction with the PLC and downstream manipulation of industrial control functions.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows an unauthenticated remote attacker to bypass the device’s password protection and perform unauthorized actions against the PLC. Reported impact is primarily to integrity and availability, with CVSS indicating high impact to both and no confirmed confidentiality impact. Because the affected product is a PLC used in industrial environments, compromise could alter device behavior, disrupt control logic or operations, and potentially affect physical processes. Reporting notes that PLC compromise in such environments can create unsafe operating conditions and, in sensitive sectors, may contribute to severe operational consequences.

Mitigation

If you can’t patch tonight, do this now.

Where immediate patching is not feasible, reduce exposure of the DVP-12SE11T to untrusted networks, especially direct routable access. Place the PLC behind industrial network segmentation and restrict communications to authorized engineering workstations and management systems only. Enforce allowlisting at firewalls or industrial gateways for required protocols and source IPs, disable unnecessary network paths, and monitor for anomalous or unauthorized packet traffic to the device. Because the flaw bypasses password protection, mitigation should not rely solely on device authentication; compensating controls should focus on network isolation, access control, and continuous monitoring until firmware updates can be applied.
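The allowlisting and monitoring described above can be checked against flow records. The following is an added example, not code from the vendor or the advisory; the addresses, the flow-log format and the allowed port are constructed assumptions to be replaced with site values (the advisory does not name the affected protocol or port).

```python
import csv
import io
import ipaddress

# Everything below is constructed for illustration (RFC 5737 addresses).
PLC_ADDRS = {ipaddress.ip_address("192.0.2.10")}           # DVP-12SE11T units
ALLOWED_SOURCES = [ipaddress.ip_network("192.0.2.32/29")]  # engineering workstations
ALLOWED_SERVICES = {("tcp", 502)}  # placeholder: protocols your site actually requires

# Constructed flow export: one allowed flow, two violations, one unrelated, one malformed.
SAMPLE_FLOWS = """\
ts,src,dst,proto,dport
2026-01-05T08:00:01Z,192.0.2.33,192.0.2.10,tcp,502
2026-01-05T08:02:17Z,198.51.100.7,192.0.2.10,tcp,502
2026-01-05T08:03:40Z,192.0.2.34,192.0.2.10,udp,20000
2026-01-05T08:04:02Z,192.0.2.33,192.0.2.99,tcp,443
not,a,valid,row
"""

def check_flows(text):
    """Return (ts, src, reason) for every record that violates the PLC allowlist."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        ts, raw_src = row.get("ts") or "", row.get("src") or ""
        try:
            src = ipaddress.ip_address(raw_src)
            dst = ipaddress.ip_address(row.get("dst") or "")
            service = ((row.get("proto") or "").lower(), int(row.get("dport") or ""))
        except ValueError:
            # Surface unparseable records instead of silently dropping them.
            findings.append((ts, raw_src, "unparseable record"))
            continue
        if dst not in PLC_ADDRS:
            continue  # not traffic to a monitored PLC
        if not any(src in net for net in ALLOWED_SOURCES):
            findings.append((ts, raw_src, "source not allowlisted"))
        elif service not in ALLOWED_SERVICES:
            findings.append((ts, raw_src, "service not allowlisted"))
    return findings

if __name__ == "__main__":
    for ts, src, reason in check_flows(SAMPLE_FLOWS):
        print(f"{ts} {src}: {reason}")
```

Because the password check on the device cannot be trusted until the firmware is updated, any finding here is worth investigating even if the PLC itself logged nothing.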

Remediation

Patch, then assume compromise.

Delta Electronics released firmware updates addressing CVE-2025-15102 shortly before the 2026 New Year. The primary remediation is to identify affected DVP-12SE11T deployments and apply the vendor-provided firmware fix in accordance with OT change-management and maintenance procedures. Operators should consult the Delta Electronics advisory referenced in the source material to determine the fixed firmware version and any deployment prerequisites or operational guidance.
PUBLIC EXPLOITS

Exploits


No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability.

Vendor | Product | Type
Deltaww | Dvp-12se11t Firmware | operating_system

Vendor-confirmed product mapping.