CVE-2022-2979 Omron CX-Programmer

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution...

CVE-2022-2979 Omron CX-Programmer

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution...

Omron CX-Programmer 资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron Japan. A security vulnerability exists in Omron CX-Programmer versions prior to v9.78, which stems from the fact that opening a specially crafted file may cause the affected product to fail to free its memo...

The vulnerability of the development environment provided by CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, allows a perpetrator to execute arbitrary code.

The vulnerability of the development environment provided by CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the SX-Programmer Expert (D300win) programming tool, related to the execution of operations beyond the buffer boundaries, may affect data integrity.

The vulnerability of the SX-Programmer Expert D300win programming tool for programmable logic controllers is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...

The vulnerability of the SX-Programmer Expert (D300win) programming tool, which involves the use of memory after it is freed, allows a intruder to gain unauthorized access to protected information or compromise data integrity.

The vulnerability of the SX-Programmer Expert D300win programming tool relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information or compromise data integrity...

PT-2022-4526 · Omron · Cx-One

Name of the Vulnerable Software and Affected Versions: CX-One affected versions not specified Description: The issue is related to a use-after-free vulnerability in the CX-Programmer development environment, part of the CX-One software suite used for programming and configuring Omron PLCs. This...

Omron CX-Programmer

1. EXECUTIVE SUMMARY CVSS v3 7,8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-Programmer Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

Omron CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...

Former CIA Engineer Convicted of Leaking 'Vault 7' Hacking Secrets to WikiLeaks

Joshua Schulte, a former programmer with the U.S. Central Intelligence Agency CIA, has been found guilty of leaking a trove of classified hacking tools and exploits dubbed Vault 7 to WikiLeaks. The 33-year-old engineer had been charged in June 2018 with unauthorized disclosure of classified...

Unused Return

Lines of code Vulnerability details Impact Configuration Check: unused-return Severity: Medium Confidence: Medium Description: The return value of this external call is not stored in a local or state variable. Unused return values of function calls are indicative of programmer errors which may ha...

The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, lies in the ability to write data beyond the buffer boundaries in memory. This allows attackers to disclose sensitive information or execute arbitrary code.

The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive...

CVE-2022-25325

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230...

CVE-2022-25325

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230...

CVE-2022-25325

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230...

CVE-2022-25230

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325...

CVE-2022-25234

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2112...

CVE-2022-25230

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325...

CVE-2022-25234

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2112...

Cross site scripting

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2112...