Out-of-Bounds Write Vulnerability in CX-Programmer by Siemens
CVE-2022-21124

7.8HIGH

Key Information:

Vendor

Omron Corporation

Status
Cx-programmer
Vendor
CVE Published:
10 March 2022

What is CVE-2022-21124?

An out-of-bounds write vulnerability exists in CX-Programmer versions 9.76.1 and earlier, part of the CX-One v4.60 suite. This flaw can be exploited by attackers who convince a user to open a specially crafted CXP file, potentially leading to information disclosure or allowing arbitrary code execution. The implications of this vulnerability necessitate immediate attention to secure the affected versions from possible exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CX-Programmer CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite

References

https://jvn.jp/en/vu/JVNVU90121984/index.html
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2022/06/14/4
mailing-listx_refsource_MLIST
http://xenbits.xen.org/xsa/advisory-404.html
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.