CVE-2018-8834
OMRON CX-One CX-FLnet Node Name Heap-based Buffer Overflow Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a heap-based buffer overflow.
El análisis sintáctico de archivos de proyecto mal formados en Omron CX-One, en versiones 4.42 y anteriores, incluyendo las siguientes aplicaciones: CX-FLnet, en versiones 1.00 y anteriores; CX-Protocol, en versiones 1.992 y anteriores; CX-Programmer, en versiones 9.65 y anteriores; CX-Server, en versiones 5.0.22 y anteriores; Network Configurator, en versiones 3.63 y anteriores y Switch Box Utility, en versiones 1.68 y anteriores, podría provocar un desbordamiento de búfer basado en memoria dinámica (heap).
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of FLN files. When parsing the Node Name field, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-20 CVE Reserved
- 2018-04-11 CVE Published
- 2023-12-05 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Omron Search vendor "Omron" | Cx-flnet Search vendor "Omron" for product "Cx-flnet" | <= 1.00 Search vendor "Omron" for product "Cx-flnet" and version " <= 1.00" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Cx-one Search vendor "Omron" for product "Cx-one" | <= 4.42 Search vendor "Omron" for product "Cx-one" and version " <= 4.42" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Cx-programmer Search vendor "Omron" for product "Cx-programmer" | <= 9.65 Search vendor "Omron" for product "Cx-programmer" and version " <= 9.65" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Cx-protocol Search vendor "Omron" for product "Cx-protocol" | <= 1.992 Search vendor "Omron" for product "Cx-protocol" and version " <= 1.992" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Cx-server Search vendor "Omron" for product "Cx-server" | <= 5.0.22 Search vendor "Omron" for product "Cx-server" and version " <= 5.0.22" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Network Configurator Search vendor "Omron" for product "Network Configurator" | <= 3.63 Search vendor "Omron" for product "Network Configurator" and version " <= 3.63" | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Switch Box Utility Search vendor "Omron" for product "Switch Box Utility" | <= 1.68 Search vendor "Omron" for product "Switch Box Utility" and version " <= 1.68" | - |
Affected
| ||||||