OMRON Fixes Holes in CX-Supervisor

Wednesday, October 17, 2018 @ 10:10 AM gHale

Omron has an update to mitigate multiple vulnerabilities in its CX-Supervisor, according to a report with NCCIC.

The vulnerabilities include improper restriction of operations within the bounds of a memory buffer, out-of-bounds read, use-after-free, incorrect type conversion or cast.

RELATED STORIES
LCDS Mitigates Vulnerabilities
NUUO Clears Video Recorder Holes
NUUO Fixes CMS Vulnerabilities
Delta Fixes Industrial Automation TPEditor

Successful exploitation of these vulnerabilities could allow an attacker to execute code under the context of the application, corrupt objects, and force the application to read a value outside of an array.

CX-Supervisor Versions 3.4.1.0 and prior suffer from the vulnerabilities, discovered by Mat Powell of Trend Micro Zero Day Initiative, Ariele Caltabiano (kimiya) of 9SG Security Team, and b0nd @garage4hackers working with Trend Micro’s Zero Day Initiative.

In one vulnerability, when processing project files and tampering with a specific byte, memory corruption may occur within a specific object.

CVE-2018-17905 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.5.

In addition, when processing project files and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.

CVE-2018-17907 is the case numer assigned to this vulnerability, which has a CVSS v3 base score of 2.5.

Also, when processing project files the application fails to check if it is referencing freed memory, which may allow an attacker to execute code in under the context of the application.

CVE-2018-17909 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.5.

In addition, a type confusion vulnerability exists when processing project files, which may allow an attacker to execute code in the context of the application.

CVE-2018-17913 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.0.

The product sees use mainly in the energy sector and it sees action on a global basis.

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. High skill level is needed to exploit.

Omron released Version 3.4.2 of CX-Supervisor to address the reported vulnerabilities.



Leave a Reply

You must be logged in to post a comment.