cbcvebase.

Omron Cx-Programmer vulnerabilities

28 known vulnerabilities affecting omron/cx-programmer.

Total CVEs
28
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH21MEDIUM1LOW2

Vulnerabilities

Page 2 of 2
CVE-2022-21219P3HIGHCVSS 7.8fixed in 9.772022-03-10
CVE-2022-21219 [HIGH] CWE-125 CVE-2022-21219: Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4. Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
nvd
CVE-2022-43667P3HIGHCVSS 7.8≤ 9.772022-12-07
CVE-2022-43667 [HIGH] CWE-787 CVE-2022-43667: Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
nvd
CVE-2022-2979P3HIGHCVSS 7.8fixed in 9.78≥ All, < v9.782022-09-12
CVE-2022-2979 [HIGH] CWE-416 CVE-2022-2979: Opening a specially crafted file could cause the affected product to fail to release its memory refe Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution.
nvd
CVE-2023-38747P3HIGHCVSS 7.8≤ 9.802023-08-03
CVE-2023-38747 [HIGH] CWE-787 CVE-2023-38747: Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.
nvd
CVE-2023-38746P3HIGHCVSS 7.8≤ 9.802023-08-03
CVE-2023-38746 [HIGH] CWE-125 CVE-2023-38746: Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.
nvd
CVE-2019-6556P4MEDIUMCVSS 6.6≤ 9.702019-04-10
CVE-2019-6556 [MEDIUM] CWE-416 CVE-2019-6556: When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Compo When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
nvd
CVE-2015-1015P4LOWCVSS 2.1v9.52015-10-06
CVE-2015-1015 [LOW] CWE-200 CVE-2015-1015: Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
nvd
CVE-2015-0988P4LOWCVSS 2.1≤ 9.52015-10-06
CVE-2015-0988 [LOW] CWE-200 CVE-2015-0988: Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project sourc Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.
nvd
Omron Cx-Programmer vulnerabilities | cvebase