PT-2018-18135 · Omron · Switch Box Utility+6
Rgod
·
Published
2018-04-11
·
Updated
2019-10-09
·
CVE-2018-7530
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Omron CX-One versions 4.42 and prior
CX-FLnet versions 1.00 and prior
CX-Protocol versions 1.992 and prior
CX-Programmer versions 9.65 and prior
CX-Server versions 5.0.22 and prior
Network Configurator versions 3.63 and prior
Switch Box Utility versions 1.68 and prior
Description
The issue allows for the access of resources using an incompatible type condition due to the pointer calling an incorrect object when parsing malformed project files.
Recommendations
For Omron CX-One versions 4.42 and prior, update to a version later than 4.42.
For CX-FLnet versions 1.00 and prior, update to a version later than 1.00.
For CX-Protocol versions 1.992 and prior, update to a version later than 1.992.
For CX-Programmer versions 9.65 and prior, update to a version later than 9.65.
For CX-Server versions 5.0.22 and prior, update to a version later than 5.0.22.
For Network Configurator versions 3.63 and prior, update to a version later than 3.63.
For Switch Box Utility versions 1.68 and prior, update to a version later than 1.68.
Fix
Type Confusion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cx-Flnet
Cx-One
Cx-Programmer
Cx-Protocol
Cx-Server
Network Configurator
Switch Box Utility