Heap-Based Buffer Overflow in CX-Drive by Omron
CVE-2023-27385

7.8HIGH

Key Information:

Vendor: Omron Corporation
Status: Cx-drive All Models
Vendor: CVE Published:; 10 May 2023

🔔 Create Omron Corporation Vulnerability Alert

What is CVE-2023-27385?

A heap-based buffer overflow vulnerability exists in all versions of CX-Drive by Omron. This vulnerability can be exploited when a user opens a specially crafted SDD file, potentially leading to the execution of arbitrary code and unauthorized disclosure of sensitive information. It is crucial for users to be aware of this risk and to take appropriate measures to safeguard their systems.

Affected Version(s)

CX-Drive All models all versions

References

https://www.ia.omron.com/product/vulnerability/OMSR-2023-...

https://jvn.jp/en/vu/JVNVU97372625/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
Mar 15, 2023