Omron.CX-One.CX-Programmer.Program.Use.after.Free
Description
This indicates an attack attempt to exploit a Use After Free Vulnerability in OMRON CX-One CX-Programmer.
A remote attacker may exploit this vulnerability by enticing the victim to open a CX-Programmer application with the crafted .cxp or .cxt project file using a vulnerable version of the software. Successful exploitation could lead to arbitrary code execution under the security context of the user. Unsuccessful exploitation would lead to a hang or termination of the application.
Affected Products
OMRON Common Components January 2019 and prior
OMRON CX-One CX-Programmer 9.70 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the ICSA advisory for updates.
https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |