Published: 2023/08/01 Last Updated: 2023/08/01
JVNVU#93286117
Multiple vulnerabilities in OMRON CX-Programmer
Overview
OMRON CX-Programmer contains multiple vulnerabilities.
Products Affected
- CX-Programmer
- Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier
Description
CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below.
- Out-of-bounds read (CWE-125) - CVE-2023-38746
  CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
- Heap-based buffer overflow (CWE-122) - CVE-2023-38747
  CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
- Use after free (CWE-416) - CVE-2023-38748
  CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
Impact
If a user opens a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
The version that contains the fix for these vulnerabilities is as follows.
- CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.81 or later
For details on how to obtain the update or how to apply it, contact the developer and/or the sales representatives.
Vendor Status
Vendor: OMRON Corporation
Link: Out-of-bounds Read, Use After Free and Heap-based Buffer Overflow Vulnerabilities in CX-Programmer
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
Other Information
CVE: CVE-2023-38746, CVE-2023-38747, CVE-2023-38748