virus logo Intrusion Prevention

Omron.CX-One.CX-Programmer.Program.Use.after.Free

description-logoDescription

This indicates an attack attempt to exploit a Use After Free Vulnerability in OMRON CX-One CX-Programmer.
A remote attacker may exploit this vulnerability by enticing the victim to open a CX-Programmer application with the crafted .cxp or .cxt project file using a vulnerable version of the software. Successful exploitation could lead to arbitrary code execution under the security context of the user. Unsuccessful exploitation would lead to a hang or termination of the application.

affected-products-logoAffected Products

OMRON Common Components January 2019 and prior
OMRON CX-One CX-Programmer 9.70 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the ICSA advisory for updates.
https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-04 14.625 Default_action:pass:drop
2019-05-21 14.617

References

ICSA-19-094-01
ID 47833
Created May 21, 2019
Updated Oct 11, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2019-6556
Exploit Prediction Score 1.49%
Default Action drop
Active
Affected OS Windows
Affected App SCADA