exploitDog

CVE-2018-19018

Опубликовано: 12 фев. 2019

Источник: nvd

CVSS3: 7.3

CVSS2: 6

EPSS Низкий

Описание

An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01
Mitigation
Third Party Advisory
US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:omron:cx-supervisor:*:*:*:*:*:*:*:*

Версия до 3.42 (включая)

EPSS

Процентиль: 46%

0.0023

Низкий

7.3 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-824

CWE-824

Связанные уязвимости

GHSA-cq7x-c2fj-552h

CVSS3: 7.3

github

больше 3 лет назад

An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

EPSS

Процентиль: 46%

0.0023

Низкий

7.3 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-824

CWE-824