CVE-2023-38747

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38747

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

Heap overflow

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

Design/Logic Flaw

Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38746

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38746

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

Design/Logic Flaw

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38748

Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38748

Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38747

CVE-2023-38747 affects Omron CX-Programmer (included in CX-One CXONE-AL[][]D-V4) version 9.80 and earlier. The flaw is a heap-based buffer overflow triggered by opening a specially crafted CXP file, leading to information disclosure and/or arbitrary code execution. Mitigation is to upgrade to CX-...

CVE-2023-38747

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38747

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38746

CVE-2023-38746 affects CX-Programmer (CX-One CXONE-AL[][]D-V4, v9.80 and earlier). The vulnerability is an out-of-bounds read in the handling of CXP files, leading to information disclosure and potentially arbitrary code execution. The issue is addressed by updating to CX-Programmer/CX-One versio...

CVE-2023-38746

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

CVE-2023-38746

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...

Multiple vulnerabilities in OMRON CX-Programmer

Overview CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-38746 Heap-based buffer overflow CWE-122 - CVE-2023-38747 Use after free CWE-416 - CVE-2023-38748 Michael Heinzl reported these vulnerabilities to JPCERT/CC...

Omron CX-Programmer Resource Management Error Vulnerability

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer version 9.79 and earlier, which stems from the presence of a post-release reuse vulnerability. An attacker could exploit this vulnerability to allow ...

PT-2023-18422 · Omron · Cx-Programmer

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317...

PT-2023-18425 · Omron · Cx-Programmer

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314...

Omron CX-Programmer Resource Management Error Vulnerability

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in Omron CX-Programmer version 9.79 and earlier, which stems from a post-release reuse vulnerability. The vulnerability can be exploited to allow a user to open a...