ID 47976
Created Jun 05, 2019
Updated May 18, 2022
Severity dark-circle dark-circle dark-circle dark-circle dark-circle
Coverage switch-on-logo IPS (Regular DB)
switch-on-logo IPS (Extended DB)
Default Action drop
Active switch-on-logo
Affected OS Windows
Affected App SCADA

Legend

Active/Available switch-on-logo
InActive/Not Available switch-off-logo

Update History

Date Version Detail
2019-10-25 14.711 Default_action:pass:drop
2019-06-10 14.629 Sig Added
2019-06-06 14.627 Severity:medium:high
2019-06-05 14.626

Threat Encyclopedia

OMRON.CX-One.CX-Protocol.Trace.Memory.Corruption

description-logoDescription

This indicates an attack attempt to exploit a Memory Corruption Vulnerability in OMRON CX-One CX-Protocol.
A remote attacker may exploit this vulnerability by enticing the victim to open a CX-Protocol application with the crafted project file using the vulnerable version of the software. Successful exploitation could lead to code execution under the security context of the user. Unsuccessful exploitation would lead to a hang or termination of the application.

affected-products-logoAffected Products

OMRON CX-One CX-Protocol Versions 2.0 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the ICS-CERT advisory for updates.
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02

CVE References

CVE-2018-19027

Other References

ICSA-19-010-02

Telemetry logoTelemetry