CVE-2024-31413

🗓️ 01 May 2024 12:54:15Reported by jpcertType

Free of pointer not at start of buffer vulnerability in CX-One and Sysmac Studi

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of Omron Sysmac Studio and CX-One software, which is related to the use of the “Free” function for the pointer not at the beginning of the buffer, allows a hacker to execute arbitrary code.	24 May 202400:00	–	bdu_fstec
CNNVD	Omron Sysmac Studio 安全漏洞	22 Apr 202400:00	–	cnnvd
CVE	CVE-2024-31413	1 May 202412:54	–	cve
EUVD	EUVD-2024-29303	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in OMRON Sysmac Studio/CX-One and CX-Programmer	24 Apr 202401:13	–	jvn
NVD	CVE-2024-31413	1 May 202413:15	–	nvd
Positive Technologies	PT-2024-3704 · Omron · Cx-One +1	22 Apr 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-31413	23 May 202507:46	–	redhatcve
Vulnrichment	CVE-2024-31413	1 May 202412:54	–	vulnrichment

[
  {
    "vendor": "OMRON Corporation",
    "product": "CX-One CX-One CXONE-AL[][]D-V4 ",
    "versions": [
      {
        "version": "The version which was installed with a DVD ver. 4.61.1 or lower",
        "status": "affected"
      },
      {
        "version": " and was updated through CX-One V4 auto update in January 2024 or prior",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "OMRON Corporation",
    "product": "Sysmac Studio SYSMAC-SE2[][][] ",
    "versions": [
      {
        "version": "The version which was installed with a DVD ver. 1.56 or lower",
        "status": "affected"
      },
      {
        "version": " and was updated through Sysmac Studio V1 auto update in January 2024 or prior",
        "status": "affected"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/en/vu/JVNVU98274902/
fa	www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-002_en.pdf

01 May 2024 12:54Current

7.7High risk

Vulners AI Score7.7

EPSS0.00238