CVE-2022-21137

Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01 Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-373/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-374/ Third Party Advisory VDB Entry
https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01 Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-373/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-374/ Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:43

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01 - Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01 - Third Party Advisory, US Government Resource
References () https://www.zerodayinitiative.com/advisories/ZDI-22-373/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-22-373/ - Third Party Advisory, VDB Entry
References () https://www.zerodayinitiative.com/advisories/ZDI-22-374/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-22-374/ - Third Party Advisory, VDB Entry

Information

Published : 2022-01-14 20:15

Updated : 2024-11-21 06:43


NVD link : CVE-2022-21137

Mitre link : CVE-2022-21137

CVE.ORG link : CVE-2022-21137


JSON object : View

Products Affected

omron

  • cx-one
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write