Lucene search
Esteban Ruiz (mr_me) of Source InciteZDI-19-019HistoryJan 14, 2019 - 12:00 a.m.
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability
2019-01-1400:00:00
Esteban Ruiz (mr_me) of Source Incite
www.zerodayinitiative.com
7
0.029 Low
EPSS
Percentile
90.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Protocol. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSW files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
zdi
zdi
cvelist
cvelist
CVE-2018-19027
2019-01-10 00:00:00
prion
prion
Type confusion
2019-01-30 16:29:00
checkpoint_advisories
checkpoint_advisories
OMRON CX-One CX-Protocol Trace Type Confusion (CVE-2018-19027)
2019-10-16 00:00:00
OMRON CX-One CX-Protocol Type Confusion (CVE-2018-19027)
2019-11-26 00:00:00
OMRON CX-One CX-Protocol CMessage Type Confusion (CVE-2018-19027)
2019-10-22 00:00:00
ics
ics
Omron CX-One CX-Protocol
2019-01-10 12:00:00
nvd
nvd
CVE-2018-19027
2019-01-30 16:29:00
cve
cve
CVE-2018-19027
2019-01-30 16:29:00