222 matches found
CVE-2023-38747
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...
CVE-2023-38746
Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...
CVE-2023-38746
Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-ALD-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur...
CVE-2023-38746
CVE-2023-38746 affects CX-Programmer (CX-One CXONE-AL[][]D-V4, v9.80 and earlier). The vulnerability is an out-of-bounds read in the handling of CXP files, leading to information disclosure and potentially arbitrary code execution. The issue is addressed by updating to CX-Programmer/CX-One versio...
Multiple vulnerabilities in OMRON CX-Programmer
Overview CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-38746 Heap-based buffer overflow CWE-122 - CVE-2023-38747 Use after free CWE-416 - CVE-2023-38748 Michael Heinzl reported these vulnerabilities to JPCERT/CC...
Omron CX-Programmer Resource Management Error Vulnerability
Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer version 9.79 and earlier, which stems from the presence of a post-release reuse vulnerability. An attacker could exploit this vulnerability to allow ...
Omron CX-Programmer Resource Management Error Vulnerability
Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in Omron CX-Programmer version 9.79 and earlier, which stems from a post-release reuse vulnerability. The vulnerability can be exploited to allow a user to open a...
Omron CX-Programmer Resource Management Error Vulnerability
Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer version 9.79 and earlier, which stems from the presence of a post-release reuse vulnerability. An attacker can exploit this vulnerability to allow a...
PT-2023-18425 · Omron · Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314...
PT-2023-18422 · Omron · Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317...
PT-2023-5304 · Omron · Cx-Programmer
Name of the Vulnerable Software and Affected Versions: CX-Programmer Included in CX-One CXONE-ALD-V4 versions 9.80 and earlier Description: A heap-based buffer overflow issue exists, which can be exploited by having a user open a specially crafted CXP file. This may lead to information disclosure...
PT-2023-5305 · Omron · Cx-Programmer
Name of the Vulnerable Software and Affected Versions: CX-Programmer Included in CX-One CXONE-ALD-V4 versions 9.80 and earlier Description: An out-of-bounds read issue exists, which may allow information disclosure and/or arbitrary code execution when a user opens a specially crafted CXP file. Th...
Omron CX-One CXP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...
Omron CX-One CXP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...
Omron CX-Programmer
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-Programmer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution or loss of sensitive information if a user opens a...
The vulnerability of Omron CX-Programmer software for programming logic controllers lies in the use of memory after it is freed. This allows a malicious actor to gain unauthorized access to protected information or execute arbitrary code.
The vulnerability of Omron CX-Programmer software for programming logic controllers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or execute arbitrary code using a specially created CXP...
CVE-2022-43508
Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file...
CVE-2022-43509
Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file...
CVE-2022-43667
Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file...
CVE-2022-43509
Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file...