CVE-2018-19027

Name of the Vulnerable Software and Affected Versions OMRON CX-One versions 4.50 and prior OMRON CX-Protocol versions 2.0 and prior

Description The issue is related to type confusion vulnerabilities that can be exploited when processing project files. An attacker could use a specially crafted project file to execute code under the privileges of the application.

Recommendations For OMRON CX-One versions 4.50 and prior, update to a version later than 4.50 to resolve the issue. For OMRON CX-Protocol versions 2.0 and prior, update to a version later than 2.0 to resolve the issue. As a temporary workaround, consider restricting the use of project files from untrusted sources until a patch is available.