The Omron CX-One software package contains several vulnerabilities that, if successfully exploited, allow an attacker to execute arbitrary code with the privileges of the application. The issues affect CX-One 4.42 and earlier, including the bundled CX-Programmer (version 9.66 and earlier) and CX-Server (version 5.0.23 and earlier).
Three vulnerabilities were identified in total. The first two are out-of-bounds writes: an attacker who gets a specially crafted project file opened in the application can overflow a fixed-size buffer on the stack and execute arbitrary code with the application's privileges. Both are tracked under a single identifier, CVE-2018-18993, and are rated 6.6 out of a possible 10 under CVSS v3.
The third bug (CVE-2018-18989) is a use-after-free and, like the previous two, can be triggered by a specially crafted project file to execute code. It is rated 5.8. All three are client-side file-parsing flaws, so exploitation requires a user to open an attacker-supplied project file.
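To make the stack-overflow class described above concrete, here is an added illustrative example in C. It is not Omron's code and does not reflect the real CX-One project-file format, which this article does not describe. It models a parser that reads a length field from a file record and copies that many bytes into a fixed 32-byte buffer without checking the destination size (the vulnerable pattern), next to a version that rejects over-long fields before copying. The record layout, the buffer size and the `frame` array that stands in for the stack frame are all assumptions made for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record layout (NOT the CX-One project-file format):
 * a 2-byte little-endian length followed by that many name bytes. */
enum { NAME_BUF = 32, RET_SLOT = 8, FRAME = NAME_BUF + RET_SLOT };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Vulnerable pattern: the length field read from the file is trusted and drives
 * a copy into a fixed-size buffer. `frame` stands in for the stack frame:
 * bytes [0, NAME_BUF) are the name buffer, bytes [NAME_BUF, FRAME) model the
 * slot where a real frame keeps the saved return address. Returns 1 on success. */
int parse_name_vulnerable(const uint8_t *rec, size_t rec_len, uint8_t *frame)
{
    if (rec_len < 2) return 0;
    uint16_t len = le16(rec);
    if (rec_len - 2 < len) return 0;   /* stays inside the file... */
    memcpy(frame, rec + 2, len);       /* ...but not inside the 32-byte buffer */
    return 1;
}

/* Hardened: the length is checked against the destination before the copy, and
 * an over-long field is treated as a malformed file rather than silently truncated. */
int parse_name_checked(const uint8_t *rec, size_t rec_len, uint8_t *frame)
{
    if (rec_len < 2) return 0;
    uint16_t len = le16(rec);
    if (rec_len - 2 < len) return 0;
    if (len >= NAME_BUF) return 0;     /* leave room for the terminator */
    memcpy(frame, rec + 2, len);
    frame[len] = 0;
    return 1;
}

/* Builds a constructed record whose name is `payload_len` 'A' bytes.
 * Returns the total record size, or 0 if `out` is too small. */
size_t make_record(uint8_t *out, size_t out_len, uint16_t payload_len)
{
    if (out_len < (size_t)payload_len + 2) return 0;
    out[0] = (uint8_t)(payload_len & 0xff);
    out[1] = (uint8_t)(payload_len >> 8);
    memset(out + 2, 'A', payload_len);
    return (size_t)payload_len + 2;
}

/* Feeds one constructed record to a parser and inspects the simulated
 * return-address slot afterwards.
 * Returns -1 if the payload would leave the simulated frame (not modelled),
 *          0 if the parser rejected the record,
 *          1 if it parsed and the slot is intact,
 *          2 if it parsed and the slot was overwritten. */
int run_parser(int (*parser)(const uint8_t *, size_t, uint8_t *), uint16_t payload_len)
{
    static const uint8_t sentinel[RET_SLOT] = {0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef};
    uint8_t rec[FRAME + 2];
    uint8_t frame[FRAME];

    if (payload_len > FRAME) return -1;            /* simulated stack ends here */
    size_t n = make_record(rec, sizeof rec, payload_len);
    if (n == 0) return -1;

    memset(frame, 0, sizeof frame);
    memcpy(frame + NAME_BUF, sentinel, RET_SLOT);  /* plant a "return address" */
    if (!parser(rec, n, frame)) return 0;
    return memcmp(frame + NAME_BUF, sentinel, RET_SLOT) == 0 ? 1 : 2;
}

int main(void)
{
    printf("vulnerable, 20-byte name: %d\n", run_parser(parse_name_vulnerable, 20)); /* 1 */
    printf("vulnerable, 40-byte name: %d\n", run_parser(parse_name_vulnerable, 40)); /* 2 */
    printf("checked,    40-byte name: %d\n", run_parser(parse_name_checked, 40));    /* 0 */
    return 0;
}
```

The point of the harness is the difference between the two bounds checks: the vulnerable parser only verifies that the length fits the file, which is exactly the check a crafted project file satisfies, while the hardened parser also verifies it fits the buffer. On a real stack the eight bytes past the buffer would be the saved frame pointer and return address, which is what turns a 40-byte name into code execution.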
A fixed version of Omron CX-One is already available through the product's automatic update service. Until it is installed, project files from untrusted sources should not be opened.
CX-One is a unified software suite sold under a single license number. Once CX-One is installed, the user can create, configure and program many different devices, such as PLCs, HMIs and multi-axis motion control systems, as well as networks.