Skip to main content

Cx Supervisor CVE-2018-7517

MEDIUM
Out-of-bounds Write (CWE-787)
2018-03-21 ics-cert@hq.dhs.gov
5.3
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Mar 21, 2018 - 20:29 nvd
MEDIUM 5.3

DescriptionNVD

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability.

AnalysisAI

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. Affected products include: Omron Cx-Supervisor.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2019-18251 HIGH
8.8 Nov 26

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. Rate

CVE-2018-17913 HIGH
7.8 Nov 05

A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, w

CVE-2018-17909 HIGH
7.8 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is

CVE-2018-17905 HIGH
7.8 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memo

CVE-2021-20836 MEDIUM
6.5 Oct 19

Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privile

CVE-2018-7525 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untru

CVE-2018-7523 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. R

CVE-2018-7521 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parse

CVE-2018-7519 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.

CVE-2018-7515 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX

CVE-2018-7513 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.

CVE-2018-17907 LOW
3.3 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offse

Share

CVE-2018-7517 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy