HIGH🇵🇱 Wersja polska

CVE-2020-27257

CVSS 7.8v3.1pub. 2021-02-09upd. 2024-11-21

This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Omron Cx One

    APP
    Omron
    ≤ 4.60
  • Omron Cx Position

    APP
    Omron
    ≤ 2.52
  • Omron Cx Protocol

    APP
    Omron
    ≤ 2.02
  • Omron Cx Server

    APP
    Omron
    ≤ 5.0.28
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-26417HIGH7.8ten sam produkt

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processi...

CVE-2022-26419HIGH7.8ten sam produkt

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions ...

CVE-2022-26022HIGH7.8ten sam produkt

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specif...

CVE-2022-25959HIGH7.8ten sam produkt

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific pr...

CVE-2022-21137HIGH7.8ten sam produkt

Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific...