Type Confusion Vulnerabilities in CX-One and CX-Protocol
CVE-2018-19027

7.8HIGH

Key Information:

Vendor: Omron
Status: Cx-protocol Within Cx-one
Vendor: CVE Published:; 30 January 2019

What is CVE-2018-19027?

In CX-One Versions 4.50 and earlier, as well as CX-Protocol Versions 2.0 and earlier, three type confusion vulnerabilities were discovered. These vulnerabilities arise when processing project files, potentially allowing an attacker to exploit them with a specially crafted file. Successful exploitation enables the attacker to execute arbitrary code within the privileges of the affected application, posing significant security risks to users and systems relying on these products.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CX-Protocol within CX-One CX-One Versions 4.50 and prior, including the following applications: CX-Protocol Versions 2.0 and prior

References

http://www.securityfocus.com/bid/106524

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2019
Vulnerability Reserved
Nov 6, 2018

JSON

Omron

What is CVE-2018-19027?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.