PT-2018-18651 · Omron · Switch Box Utility+6

Rgod · Published 2018-04-11 · Updated 2020-09-29 · CVE-2018-8834

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Omron CX-One versions 4.42 and prior
CX-FLnet versions 1.00 and prior
CX-Protocol versions 1.992 and prior
CX-Programmer versions 9.65 and prior
CX-Server versions 5.0.22 and prior
Network Configurator versions 3.63 and prior
Switch Box Utility versions 1.68 and prior

Description

The issue is related to parsing malformed project files, which may cause a heap-based buffer overflow. This can potentially lead to remote code execution. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations

For Omron CX-One versions 4.42 and prior, update to a version later than 4.42 to resolve the issue.
For CX-FLnet versions 1.00 and prior, update to a version later than 1.00 to resolve the issue.
For CX-Protocol versions 1.992 and prior, update to a version later than 1.992 to resolve the issue.
For CX-Programmer versions 9.65 and prior, update to a version later than 9.65 to resolve the issue.
For CX-Server versions 5.0.22 and prior, update to a version later than 5.0.22 to resolve the issue.
For Network Configurator versions 3.63 and prior, update to a version later than 3.63 to resolve the issue.
For Switch Box Utility versions 1.68 and prior, update to a version later than 1.68 to resolve the issue.

Fix

Memory Corruption

Heap Based Buffer Overflow


Weakness Enumeration

Related identifiers

CVE-2018-8834
ZDI-18-286
ZDI-18-288
ZDI-18-289
ZDI-18-290

Affected products

CX-FLnet
CX-One
CX-Programmer
CX-Protocol
CX-Server
Network Configurator
Switch Box Utility