Stack-Based Buffer Overflow in CX-One Product by OMRON
CVE-2018-18993

7.8HIGH

Key Information:

Vendor: Omron
Status: Cx-one (cx-programmer And Cx-server)
Vendor: CVE Published:; 4 December 2018

What is CVE-2018-18993?

Two stack-based buffer overflow vulnerabilities have been identified in OMRON's CX-One software, specifically affecting CX-Programmer and CX-Server versions. When processing incorrectly formatted project files, the application allows excess input data to overflow the allocated buffer. This could potentially enable an attacker to manipulate a specially crafted project file to execute arbitrary code with the privileges of the application, leading to serious security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CX-One (CX-Programmer and CX-Server) CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01

x_refsource_MISC

http://www.securityfocus.com/bid/106106

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 4, 2018
Vulnerability Reserved
Nov 6, 2018

JSON

Omron

What is CVE-2018-18993?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.