First published: Tue Apr 17 2018
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Omron CX-FLnet | <=1.00 | |
Omron CX-One | <=4.42 | |
Omron CX-Programmer | <=9.65 | |
Omron CX-Protocol | <=1.992 | |
Omron CX-Server | <=5.0.22 | |
Omron Network Configurator | <=3.63 | |
Omron Switch Box Utility | <=1.68 | |
CVE-2018-7530 is a vulnerability in the way Omron CX-One versions 4.42 and prior, including applications such as CX-FLnet, CX-Protocol, CX-Programmer, CX-Server, Network Configurator, and Switch Box Utility, parse malformed project files.
The severity of CVE-2018-7530 is high with a CVSS score of 7.8.
The affected software is Omron CX-One versions 4.42 and prior, including CX-FLnet 1.00 and prior, CX-Protocol 1.992 and prior, CX-Programmer 9.65 and prior, CX-Server 5.0.22 and prior, Network Configurator 3.63 and prior, and Switch Box Utility 1.68 and prior.
An attacker can exploit CVE-2018-7530 by crafting and delivering a malicious project file to a vulnerable Omron CX-One application, which upon parsing the file can lead to arbitrary code execution or denial of service.
It is recommended to update to the latest version of Omron CX-One and its associated applications to mitigate the vulnerability. Additionally, implementing strong access controls and network segmentation can help reduce the risk of a successful attack.