Lucene search
K
OmronCx-protocol

7 matches found

CVE
CVE
added 2021/02/09 2:10 p.m.127 views

CVE-2020-27257

CVE-2020-27257 concerns a type-confusion in Omron CX-One’s CX-Protocol/PSW file parsing, affecting CX-One 4.60 and earlier. ZDI confirms a remote-code-execution route via PSW parsing with user interaction required (visit a malicious page/open a crafted file). The ICS advisory lists updates: CX-Pr...

7.8CVSS8AI score0.01781EPSS
CVE
CVE
added 2018/04/17 7:0 p.m.68 views

CVE-2018-7514

CVE-2018-7514 affects Omron CX-One 4.42 and earlier, including CX-FLnet, CX-Protocol, CX-Programmer, CX-Server, Network Configurator, and Switch Box Utility. Multiple sources describe a stack-based (and in some cases heap-based) buffer overflow caused by processing malformed project files or cert...

7.8CVSS7.5AI score0.00318EPSS
CVE
CVE
added 2018/04/17 7:0 p.m.57 views

CVE-2018-7530

The CVE-2018-7530 issue is a Type Confusion in Omron CX-One and its integrated apps (e.g., CX-FLnet, CX-Protocol, CX-Programmer, CX-Server, Network Configurator, Switch Box Utility) triggered by parsing malformed project files. This can cause the pointer to call an incorrect object, leading to an...

7.8CVSS7.5AI score0.00331EPSS
CVE
CVE
added 2019/01/30 4:0 p.m.56 views

CVE-2018-19027

CVE-2018-19027 affects Omron CX-One CX-Protocol (2.0 and earlier) within CX-One 4.50 and earlier. The vulnerability is a type confusion caused by improper parsing of project files, enabling an attacker to execute arbitrary code in the context of the affected application. Some sources indicate rem...

7.8CVSS7.7AI score0.01424EPSS
CVE
CVE
added 2021/02/09 2:9 p.m.55 views

CVE-2020-27261

Omron CX-One (versions 4.60 and earlier) contains a stack-based buffer overflow in the CX-One CX-Position component (NCI file parsing) caused by inadequate input validation of NCI configuration data, enabling remote arbitrary code execution. Affected apps include CX-Protocol (≤2.02), CX-Server (≤...

8.8CVSS8.9AI score0.07612EPSS
CVE
CVE
added 2018/04/17 7:0 p.m.54 views

CVE-2018-8834

CVE-2018-8834 affects Omron CX-One and integrated tools (CX-FLnet, CX-Protocol, CX-Programmer, CX-Server, Network Configurator, Switch Box Utility). The issue is a heap-based buffer overflow caused by improper input handling while parsing project/configuration data (e.g., FLN/NVF/Version/Node Nam...

7.8CVSS7.5AI score0.00318EPSS
CVE
CVE
added 2021/02/09 2:9 p.m.52 views

CVE-2020-27259

The CVE-2020-27259 issue affects Omron CX-One (versions 4.60 and prior), arising from an untrusted pointer dereference in CX-One’s NCI file parsing (CX-Position). This flaw can permit remote code execution, with exploitation tied to user interaction (visit a crafted page/file). The ZDI advisory s...

8.8CVSS8.9AI score0.02669EPSS