Omron : Security Vulnerabilities, CVEs, (Memory corruption)
Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-08-03
Updated
2023-08-08
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-08-03
Updated
2023-08-08
Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-05-10
Updated
2023-08-02
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-08-03
Updated
2023-08-08
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-08-03
Updated
2023-08-08
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-08-03
Updated
2023-08-08
Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file,
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-12-21
Updated
2022-12-30
Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
Max CVSS
7.8
EPSS Score
0.11%
Published
2022-12-07
Updated
2022-12-09
Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
Max CVSS
7.8
EPSS Score
0.20%
Published
2022-12-07
Updated
2022-12-09
Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
Max CVSS
7.8
EPSS Score
0.11%
Published
2022-12-07
Updated
2022-12-09
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.83%
Published
2022-04-01
Updated
2022-04-08
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-04-01
Updated
2022-04-08
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.15%
Published
2022-04-01
Updated
2022-04-08
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.13%
Published
2022-04-01
Updated
2023-06-27
Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-03-10
Updated
2022-03-14
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-03-10
Updated
2022-03-14
Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-03-10
Updated
2022-03-14
Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
4.66%
Published
2022-01-14
Updated
2022-03-17
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.
Max CVSS
7.8
EPSS Score
0.07%
Published
2022-03-10
Updated
2022-06-16
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.31%
Published
2022-10-06
Updated
2022-10-06
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.31%
Published
2022-10-06
Updated
2022-10-06
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.31%
Published
2022-10-06
Updated
2022-10-06
Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
11.29%
Published
2021-05-13
Updated
2021-05-21
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
Max CVSS
8.8
EPSS Score
1.84%
Published
2021-02-09
Updated
2021-02-11
Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Max CVSS
8.8
EPSS Score
0.38%
Published
2019-01-22
Updated
2019-10-09