CVE-2018-19011: Code Injection
First published: Tue Jan 22 2019(Updated: )
CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Omron CX-Supervisor | <=3.42 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-19011.
What is the severity level of CVE-2018-19011?
CVE-2018-19011 has a severity level of high.
What is the affected software for CVE-2018-19011?
The affected software for CVE-2018-19011 is CX-Supervisor versions 3.42 and prior.
How can an attacker exploit CVE-2018-19011?
An attacker can exploit CVE-2018-19011 by injecting code into a project file and executing it under the privileges of the application.
Where can I find more information about CVE-2018-19011?
You can find more information about CVE-2018-19011 at the following references: http://www.securityfocus.com/bid/106654 and https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/omron
- canonical/omron cx-supervisor
- version/omron cx-supervisor/3.42