Intrusion PreventionOmron.CX-One.CX-Protocol.Trace.Memory.Corruption
Description
This indicates an attack attempt to exploit a Memory Corruption Vulnerability in OMRON CX-One CX-Protocol.
A remote attacker may exploit this vulnerability by enticing the victim to open a CX-Protocol application with the crafted project file using the vulnerable version of the software. Successful exploitation could lead to code execution under the security context of the user. Unsuccessful exploitation would lead to a hang or termination of the application.
Affected Products
OMRON CX-One CX-Protocol Versions 2.0 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the ICS-CERT advisory for updates.
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-10-25 | 14.711 | Default_action:pass:drop |
| 2019-06-10 | 14.629 | Sig Added |
| 2019-06-06 | 14.627 | Severity:medium:high |
| 2019-06-05 | 14.626 |
References
ICSA-19-010-02| ID | 47976 |
| Created | Jun 05, 2019 |
| Updated | Oct 11, 2023 |
| Risk |
|
| CVE ID | CVE-2018-19027 |
| Exploit Prediction Score | 2.9% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | SCADA |