[Japanese]

JVNDB-2024-003116

Multiple vulnerabilities in OMRON Sysmac Studio/CX-One and CX-Programmer

Overview

OMRON Sysmac Studio/CX-One and CX-Programmer contain multiple vulnerabilities listed below.

* Out-of-bounds read (CWE-125) - CVE-2024-31412

* Free of pointer not at start of buffer (CWE-761) - CVE-2024-31413

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-31412


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-31413
Affected Products


OMRON Corporation
  • CX-One CX-One CXONE-AL [][] D-V4 The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX - One V4 auto update in January 2024 or prior
  • CX-Programmer Included in CX-One CXONE-AL [][] D-V4 Ver. 9.81 or lower
  • Sysmac Studio SYSMAC-SE2 [][][] The version which was installed with a DVD ver. 1.56 or lower, and was updated through Sysmac Studio V1 auto update in January 2024 or prior

For more information, refer to the information provided by the developer.
Impact

* Opening a specially crafted project file may lead to information disclosure and/or the product being crashed (CVE-2024-31412)
* Opening a specially crafted project file may lead to arbitrary code execution (CVE-2024-31413)
Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.

Regarding the details of how to obtain the update or how to update the firmware, contact the developer and/or the sales representatives.
Vendor Information

OMRON Corporation
CWE (What is CWE?)

  1. Out-of-bounds Read(CWE-125) [Other]
  2. Free of Pointer not at Start of Buffer(CWE-761) [Other]
CVE (What is CVE?)

  1. CVE-2024-31412
  2. CVE-2024-31413
References

  1. JVN : JVNVU#98274902
Revision History

  • [2024/04/24]
      Web page was published