CVE-2018-7515 – OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7515
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX-Supervisor indirectly calls an uninitialized pointer when parsing malformed packets. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCS project files. The issue results from the lack of proper initialization of a pointer prior to accessing it. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-256: Plaintext Storage of a Password CWE-824: Access of Uninitialized Pointer •
CVE-2018-7525 – OMRON CX-Supervisor CDM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7525
In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CDM files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •
CVE-2018-6624
https://notcve.org/view.php?id=CVE-2018-6624
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html. • http://misteralfa-hack.blogspot.cl/2018/02/otomron-login-bypass.html • CWE-425: Direct Request ('Forced Browsing') •
CVE-2015-0988
https://notcve.org/view.php?id=CVE-2015-0988
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file. • https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1015
https://notcve.org/view.php?id=CVE-2015-1015
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file. • https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •