HIGH🇬🇧 English

CVE-2023-22317

CVSS 7.8v3.1pub. 2023-08-03upd. 2024-11-21

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Omron Cx Programmer

    APP
    Omron
    ≤ 9.79
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2015-0987CRITICAL10.0ten sam produkt

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cl...

CVE-2023-38746HIGH7.8ten sam produkt

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and e...

CVE-2023-22314HIGH7.8ten sam produkt

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially c...

CVE-2023-22277HIGH7.8ten sam produkt

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially c...

CVE-2023-38747HIGH7.8ten sam produkt

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and...