Skip to main content

Cx Supervisor CVE-2019-18251

HIGH
Use of Obsolete Function (CWE-477)
2019-11-26 ics-cert@hq.dhs.gov
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 26, 2019 - 00:15 nvd
HIGH 8.8

DescriptionNVD

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.

AnalysisAI

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-477. In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. Affected products include: Omron Cx-Supervisor, Teamviewer. Version information: Version 5.0.8703.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-17913 HIGH
7.8 Nov 05

A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, w

CVE-2018-17909 HIGH
7.8 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is

CVE-2018-17905 HIGH
7.8 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memo

CVE-2021-20836 MEDIUM
6.5 Oct 19

Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privile

CVE-2018-7525 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untru

CVE-2018-7523 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. R

CVE-2018-7521 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parse

CVE-2018-7519 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.

CVE-2018-7517 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability

CVE-2018-7515 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX

CVE-2018-7513 MEDIUM
5.3 Mar 21

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.

CVE-2018-17907 LOW
3.3 Nov 05

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offse

Share

CVE-2019-18251 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy