CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26419 – Rockwell Automation Studio 5000 Logix Designer Code Injection
https://notcve.org/view.php?id=CVE-2022-26419
01 Apr 2022 — Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code. Omron CX-Position (versiones 2.5.3 y anteriores) es vulnerable a múltiples condiciones de desbordamiento de búfer en la región stack de la memoria mientras analiza un archivo de proyecto específico, lo que puede permitir a un atacante ejecutar localmente código arbitrario This vulnerability allows r... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26022 – Rockwell Automation Studio 5000 Logix Designer Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2022-26022
01 Apr 2022 — Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code. Omron CX-Position (versiones 2.5.3 y anteriores) es vulnerable a una escritura fuera de límites mientras es procesado un archivo de proyecto específico, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. Us... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26417 – Rockwell Automation Studio 5000 Logix Designer Use After Free
https://notcve.org/view.php?id=CVE-2022-26417
01 Apr 2022 — Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code. Omron CX-Position (versiones 2.5.3 y anteriores) es vulnerable a una condición de uso de memoria previamente liberada mientras procesa un archivo de proyecto específico, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected insta... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25959 – Rockwell Automation Studio 5000 Logix Designer Improper Restriction of Operations within the Bounds of a Memory Buffer
https://notcve.org/view.php?id=CVE-2022-25959
01 Apr 2022 — Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code. Omron CX-Position (versiones 2.5.3 y anteriores) es vulnerable a una corrupción de memoria mientras es procesado un archivo de proyecto específico, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interac... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27257 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27257
09 Feb 2021 — This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. Esta vulnerabilidad permite a atacantes locales ejecutar código arbitrario debido a una falta de comprobación apropiada de los datos suministrados por un usuario, lo que puede resultar en una condición de confusión de tipos en Omron CX-One Versión 4.60 y dispositivos anteriores This v... • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2020-27261 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27261
09 Feb 2021 — The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. El Omron CX-One versiones 4.60 y anteriores es vulnerable a un desbordamiento del búfer en la región stack de la memoria, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulner... • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27259 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27259
09 Feb 2021 — The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. Omron CX-One versiones 4.60 y anteriores, puede permitir a un atacante suministrar un puntero a ubicaciones de memoria arbitrarias, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction... • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 • CWE-822: Untrusted Pointer Dereference •