CVE-2021-27413

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

CVE-2021-27413

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Stack overflow

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Omron CX-One and CX-Protocol Security Vulnerabilities

Omron CX-One is an integrated toolkit from Omron Japan. The products include inverters, temperature controllers, and PLC programming software, etc. CX-Protocol is one of the components used to create a serial communication protocol to communicate with standard serial devices. A security...

Omron CX-One and CX-Protocol Buffer Error Vulnerability

Omron CX-One is an integrated toolkit from Omron Japan. The products include inverters, temperature controllers, and PLC programming software, etc. CX-Protocol is one of the components used to create a serial communication protocol to communicate with standard serial devices. A buffer error...

Omron CX-Server Detection (Windows SMB Login)

SMB login-based detection of Omron CX-Server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Omron CX-One Memory Misreference Vulnerability

Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A memory misreference vulnerability exists in Omron...

Code injection

In CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior, when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code unde...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

CVE-2018-18993

CVE-2018-18993 relates to two stack-based buffer overflow vulnerabilities in Omron CX-One (CX-Position module) affecting CX-One v4.42 and earlier, including CX-Programmer v9.66 and earlier and CX-Server v5.0.23 and earlier. The flaws occur when processing project files, allowing input data to exc...

CVE-2018-7514

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and...

CVE-2018-8834

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and...

CVE-2018-7530

The CVE-2018-7530 issue is a Type Confusion in Omron CX-One and its integrated apps (e.g., CX-FLnet, CX-Protocol, CX-Programmer, CX-Server, Network Configurator, Switch Box Utility) triggered by parsing malformed project files. This can cause the pointer to call an incorrect object, leading to an...