[Japanese]

JVNDB-2021-003080

OMRON CX-Supervisor vulnerable to out-of-bounds read

Overview

CX-Supervisor provided by OMRON Corporation contains an out-of-bounds read vulnerability (CWE-125, CVE-2021-20836).

Michael Heinzl reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 6.5 (Medium) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
Affected Products


OMRON Corporation
  • CX-Supervisor v4.0.0.13
  • CX-Supervisor v4.0.0.16

The developer states that validation on v4.0.0.13 and v4.0.0.16 was conducted and the vulnerability was confirmed on those versions. However other versions may be affected by this vulnerability. CX-Supervisor is the product sold outside Japan.
Impact

If a user of the product has access to change system settings and opens a specially crafted SCS project file, information disclosure and/or arbitrary code execution may occur.
Solution

[Update the software]
Update the software to the latest version according to the information provided by the developer.
The developer released the following version that contains the fix for this vulnerability.

* CX-Supervisor 4.1.1.2

Vendor Information

OMRON Corporation
CWE (What is CWE?)

  1. Out-of-bounds Read(CWE-125) [Other]
CVE (What is CVE?)

  1. CVE-2021-20836
References

  1. JVN : JVNVU#90041391
  2. National Vulnerability Database (NVD) : CVE-2021-20836
Revision History

  • [2021/10/18]
      Web page was published
  • [2021/11/01]
      References : Content was added

Date Public2021/10/15
Date First Published2021/10/18
Date Last Updated2021/11/01