CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-6556

When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.3%

CVSS Severity

CVSS v3 Score 6.6

CVSS v2 Score 6.8

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01
https://www.zerodayinitiative.com/advisories/ZDI-19-344/
https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01
https://www.zerodayinitiative.com/advisories/ZDI-19-344/

Products affected by CVE-2019-6556

Omron » Common Components » Version: 2019-01

cpe:2.3:a:omron:common_components:2019-01
Omron » Cx-Programmer » Version: N/A

cpe:2.3:a:omron:cx-programmer:-
Omron » Cx-Programmer » Version: 9.65

cpe:2.3:a:omron:cx-programmer:9.65
Omron » Cx-Programmer » Version: 9.66

cpe:2.3:a:omron:cx-programmer:9.66
Omron » Cx-Programmer » Version: 9.70

cpe:2.3:a:omron:cx-programmer:9.70

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6556

Products

Pricing

Contact Us