CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3398 – OMRON CX-Programmer Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2022-3398
06 Oct 2022 — OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. OMRON CX-Programmer versiones 9.78 y anteriores, son vulnerables a uns Escritura Fuera de Límites, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3397 – OMRON CX-Programmer Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2022-3397
06 Oct 2022 — OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. OMRON CX-Programmer versiones 9.78 y anteriores, es vulnerable a una Escritura Fuera de Límites, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2979 – Omron CX-Programmer
https://notcve.org/view.php?id=CVE-2022-2979
12 Sep 2022 — Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. Una apertura de un archivo especialmente diseñado podría causar que el producto afectado no libere su referencia de memoria, resultando potencialmente en una ejecución de código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-09 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-31204
https://notcve.org/view.php?id=CVE-2022-31204
26 Jul 2022 — Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and downloads). This password is set using the OMRON FINS command Program Area Protect and unset using the command Program Area Protect Clear, both of which are transmitted in cleartext. Los PLC de las series CS, CJ y CP de Omron versi... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-02 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25325
https://notcve.org/view.php?id=CVE-2022-25325
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230. Una vulnerabilidad de uso de memoria previamente liberada en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o ... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25234
https://notcve.org/view.php?id=CVE-2022-25234
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124. Una vulnerabilidad de escritura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (versión v4.60), permite a un atacante causar una divulgación de información ... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25230
https://notcve.org/view.php?id=CVE-2022-25230
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325. Una vulnerabilidad de Uso de Memoria previamente Liberada en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One versión (v4.60), permite a un atacante causar una divulgación de informac... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21219
https://notcve.org/view.php?id=CVE-2022-21219
07 Mar 2022 — Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Una vulnerabilidad de lectura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o la ejecución de código arbitrario al hacer que un usuario ab... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21124
https://notcve.org/view.php?id=CVE-2022-21124
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. Una vulnerabilidad de escritura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o la e... • http://www.openwall.com/lists/oss-security/2022/06/14/4 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6556 – OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6556
10 Apr 2019 — When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. Al procesar archivos de proyecto, la aplicación (Omron CX-Programmer v9.70 y Common Components anteriores a enero de 2019) no comprueban si hacen referencia a la memoria liberada. Un atacante podría utilizar ... • https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01 • CWE-416: Use After Free •