Published: 2023/08/01  Last Updated: 2023/08/01

JVNVU#93286117
Multiple vulnerabilities in OMRON CX-Programmer

Overview

OMRON CX-Programmer contains multiple vulnerabilities.

Products Affected

  • CX-Programmer
    • Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier

Description

CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below.

  • Out-of-bounds read (CWE-125) - CVE-2023-38746
    CVSS v3.1 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Base Score: 7.8)
  • Heap-based buffer overflow (CWE-122) - CVE-2023-38747
    CVSS v3.1 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Base Score: 7.8)
  • Use after free (CWE-416) - CVE-2023-38748
    CVSS v3.1 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Base Score: 7.8)

Impact

By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
The version that contains the fix for these vulnerabilities is as follows.

  • CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.81 or later

Regarding the details of how to obtain the update or how to update the firmware, contact the developer and/or the sales representatives.

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: CVE-2023-38746, CVE-2023-38747, CVE-2023-38748