Your one-stop web resource providing safety and security information to manufacturers

Omron released a new version to mitigate multiple vulnerabilities in its CX-Supervisor, according to a report by NCCIC.

The vulnerabilities are a code injection, command injection, use after free, and type confusion.

RELATED STORIES
LCDS Fixes LAquis SCADA Holes
Tridium Fixes XSS Hole
Pilz Fixes PNOZmulti Configurator Issue
Omron Clears CX-One CX-Protocol Hole

Successful exploitation of these vulnerabilities could result in a denial-of-service condition, and/or allow an attacker to achieve code execution with privileges within the context of the application.

CX-Supervisor versions 3.42 and prior suffer from the vulnerabilities, discovered by Esteban Ruiz (mr_me) of Source Incite, working with Trend Micro’s Zero Day Initiative.

Cyber Security

In one issue, the application can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.

CVE-2018-19011 is the case number assigned to this vulnerability., which has a CVSS v3 base score of 7.3.

In addition, an attacker could inject commands to delete files and/or delete the contents of a file on the device through a specially crafted project file.

CVE-2018-19013 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.0.

Also, an attacker could inject commands to launch programs and create, write, and read files on the device through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application.

CVE-2018-19015 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

In addition, several use after free vulnerabilities have been identified. When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

CVE-2018-19017 is the case number assigned to these vulnerabilities, which has a CVSS v3 base score of 7.3.

Also, a type confusion vulnerability exists when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

CVE-2018-19019 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

The product sees use mainly in the energy sector. It is also deployed on a global basis.

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. However, an attacker with low skill level could leverage the vulnerabilities.

Japan-based Omron released Version 3.5.0.11 of CX-Supervisor to address the reported vulnerabilities. To be protected, development projects must be upgraded and saved in the new format, then rebuilt in the latest 3.5.0.11 format. Click here for information on downloading the latest version of CX-Supervisor.

Pin It on Pinterest

Share This