Intrusion Prevention

OMRON.CX-One.CX-Protocol.Trace.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption Vulnerability in OMRON CX-One CX-Protocol.
A remote attacker may exploit this vulnerability by enticing the victim to open a CX-Protocol application with the crafted project file using the vulnerable version of the software. Successful exploitation could lead to code execution under the security context of the user. Unsuccessful exploitation would lead to a hang or termination of the application.

Affected Products

OMRON CX-One CX-Protocol Versions 2.0 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the ICS-CERT advisory for updates.
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02

CVE References

CVE-2018-19027

Other References

ICSA-19-010-02