Omron Clears CX-Supervisor Holes

Tuesday, March 13, 2018 @ 05:03 PM gHale

Omron issued a new version to mitigate multiple vulnerabilities in its CX-Supervisor, according to a report with ICS-CERT.

The vulnerabilities include a stack-based buffer overflow, use after free, access of uninitialized pointer, double free, out-of-bounds write, untrusted pointer dereference and a heap-based buffer overflow.

RELATED STORIES
OSIsoft Mitigates PI Data Archive Hole
OSIsoft Fixes PI Vision Issues
OSIsoft Updates PI Web API Holes
Siemens Mitigates Missing Authentication Hole

CX-Supervisor Versions 3.30 and prior suffer from the vulnerabilities, discovered by rgod working with Trend Micro’s Zero Day Initiative.

Successful exploitation of these vulnerabilities could allow remote code execution.

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. However, an attacker with low skill level could leverage the vulnerabilities.

In one vulnerability, parsing malformed project files may cause a stack-based buffer overflow.

CVE-2018-7513 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

In addition, use after free vulnerabilities can end up exploited when CX Supervisor parses a specially crafted project file.

CVE-2018-7521 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

Also, access of uninitialized pointer vulnerabilities can end up exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets.

CVE-2018-7515 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

In addition, parsing malformed project files may cause a double free vulnerability.

CVE-2018-7523 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

Also, parsing malformed project files may cause an out of bounds vulnerability.

CVE-2018-7517 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

In addition, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.

CVE-2018-7525 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

Finally, parsing malformed project files may cause a heap-based buffer overflow.

CVE-2018-7519 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

The products see use mainly in the energy sector and on a global basis.

Japan-based Omron released a version 3.4.1 of CX-Supervisor to address the reported vulnerabilities. Users can click here to download the latest version of CX-Supervisor.



Leave a Reply

You must be logged in to post a comment.