Multiple vulnerabilities in OMRON CX-Programmer

Overview CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-38746 Heap-based buffer overflow CWE-122 - CVE-2023-38747 Use after free CWE-416 - CVE-2023-38748 Michael Heinzl reported these vulnerabilities to JPCERT/CC...

PT-2023-5305 · Omron · Cx-Programmer

Name of the Vulnerable Software and Affected Versions: CX-Programmer Included in CX-One CXONE-ALD-V4 versions 9.80 and earlier Description: An out-of-bounds read issue exists, which may allow information disclosure and/or arbitrary code execution when a user opens a specially crafted CXP file. Th...

The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, lies in the ability to write data beyond the buffer boundaries in memory. This allows attackers to disclose sensitive information or execute arbitrary code.

The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive...

Omron CX-Programmer 资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to trick a user into opening a carefully crafted CXP file to cause information...