CVE-2018-7514
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
96.7%
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| omron | cx-flnet | * | cpe:2.3:a:omron:cx-flnet:*:*:*:*:*:*:*:* |
| omron | cx-one | * | cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:* |
| omron | cx-programmer | * | cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:* |
| omron | cx-protocol | * | cpe:2.3:a:omron:cx-protocol:*:*:*:*:*:*:*:* |
| omron | cx-server | * | cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:* |
| omron | network_configurator | * | cpe:2.3:a:omron:network_configurator:*:*:*:*:*:*:*:* |
| omron | switch_box_utility | * | cpe:2.3:a:omron:switch_box_utility:*:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
96.7%