CVE-2019-18251
published 2019-11-26CVE-2019-18251: In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to…
PriorityP345high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.74%
74.8th percentile
In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| omron | cx-supervisor | <= 3.5\(12\) | — |
| teamviewer | teamviewer | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mf4j-c7rg-8p9r: In Omron CX-Supervisor, Versions 3
ghsa_unreviewed·2022-05-24
CVE-2019-18251 [MEDIUM] GHSA-mf4j-c7rg-8p9r: In Omron CX-Supervisor, Versions 3
In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.
CISA ICS
Omron CX-Supervisor (Update A)
cisa_ics·2019-11-14·CVSS 8.8
[HIGH] Omron CX-Supervisor (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Omron CX-Supervisor (Update A)
Last RevisedDecember 19, 2019
Alert CodeICSA-19-318-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Omron
- Equipment: CX-Supervisor
- Vulnerability: Use of Obsolete Function
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-19-318-04 Omron CX-Supervisor that was published November 14, 2019, on the ICS webpage on us-cert.gov.
## 3. RISK EVALUATION
Successful exploitation of this vulnerability could result in information disclosur
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-11-26
Published