SB2019011805 - Multiple vulnerabilities in Omron CX-Supervisor
Published: January 18, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 vulnerabilities.
1) Code injection (CVE-ID: CVE-2018-19011)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to code injection. A remote unauthenticated attacker can trick the victim into processing a specially crafted processing project files and execute arbitrary code that has been injected into a file under the privileges of the application.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Command injection (CVE-ID: CVE-2018-19013)
CWE-ID: CWE-77 - Command injection
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to command injection. A remote unauthenticated attacker can trick the victim into processing a specially crafted processing project files that allows to inject and execute commands to delete files and/or delete the contents of a file on the device.
3) Command injection (CVE-ID: CVE-2018-19015)
CWE-ID: CWE-77 - Command injection
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to command injection. A remote unauthenticated attacker can trick the victim into processing a specially crafted processing project files that allows to inject and execute commands to launch programs and create, write, and read files on the device.
4) Use-after-free error (CVE-ID: CVE-2018-19017)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error when malicious input. A remote unauthenticated attacker can trick the victim into processing a specially crafted processing project files, trigger memory corruption and execute arbitrary code under the privileges of the application.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Type confusion (CVE-ID: CVE-2018-19019)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to type confusion when malicious input. A remote unauthenticated attacker can trick the victim into processing a specially crafted processing project files, trigger memory corruption and execute arbitrary code under the privileges of the application.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.