Описание
This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.60 (включая)Версия до 2.52 (включая)Версия до 2.02 (включая)Версия до 5.0.28 (включая)
Одно из
cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*
cpe:2.3:a:omron:cx-position:*:*:*:*:*:*:*:*
cpe:2.3:a:omron:cx-protocol:*:*:*:*:*:*:*:*
cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00525
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-843
CWE-843
Связанные уязвимости
github
больше 3 лет назад
This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.
EPSS
Процентиль: 66%
0.00525
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-843
CWE-843