CVE-2021-27413

Опубликовано: 13 мая 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-588/
Third Party Advisory
VDB Entry
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-588/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*

Версия до 4.60 (включая)

cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:*

Версия до 5.0.29 (включая)

EPSS

Процентиль: 74%

0.00794

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-121

CWE-787

Связанные уязвимости

GHSA-j3pj-94ww-qq3j

github

больше 3 лет назад