CVSS: 7.8EPSS: 15%CPEs: 2EXPL: 0CVE-2021-27413 – Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27413
Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. Las versiones 4.60 y anteriores de Omron CX-One, incluidas las versiones 5.0.29.0 y anteriores de CX-Server, son vulnerables a un desbordamiento del búfer basado en la pila, que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI files in the CX-Position application. When parsing the B_PLC_NAME element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01 https://www.zerodayinitiative.com/advisories/ZDI-21-588 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27257 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27257
This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. Esta vulnerabilidad permite a atacantes locales ejecutar código arbitrario debido a una falta de comprobación apropiada de los datos suministrados por un usuario, lo que puede resultar en una condición de confusión de tipos en Omron CX-One Versión 4.60 y dispositivos anteriores This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSW files by the CX-Protocol application. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 https://www.zerodayinitiative.com/advisories/ZDI-21-184 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2020-27261 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27261
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. El Omron CX-One versiones 4.60 y anteriores es vulnerable a un desbordamiento del búfer en la región stack de la memoria, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI files by the CX-Position application. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 https://www.zerodayinitiative.com/advisories/ZDI-21-183 https://www.zerodayinitiative.com/advisories/ZDI-21-185 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27259 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27259
The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. Omron CX-One versiones 4.60 y anteriores, puede permitir a un atacante suministrar un puntero a ubicaciones de memoria arbitrarias, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI files by the CX-Position application. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 https://www.zerodayinitiative.com/advisories/ZDI-21-182 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 32%CPEs: 3EXPL: 0CVE-2018-18993 – OMRON CX-One CXP File Parsing Stack-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-18993
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application. Se han descubierto dos vulnerabilidades de desbordamiento de búfer basado en pila en CX-One, en versiones 4.42 y anteriores (CX-Programmer en versiones 9.66 y anteriores y CX-Server en versiones 5.0.23 y anteriores). Al procesar archivos de proyecto, la aplicación permite que los datos de entrada excedan el búfer. • http://www.securityfocus.com/bid/106106 https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •