← voltar
CVE-2019-6556

CVE-2019-6556

EPSS 1.2%CWE-416
When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Produtos afetados
Omron · CX-Programmer within CX-One

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01https://www.zerodayinitiative.com/advisories/ZDI-19-344/