CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-21124

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://www.openwall.com/lists/oss-security/2022/06/14/4
http://www.openwall.com/lists/oss-security/2022/06/16/1
http://xenbits.xen.org/xsa/advisory-404.html
https://jvn.jp/en/vu/JVNVU90121984/index.html
http://www.openwall.com/lists/oss-security/2022/06/14/4
http://www.openwall.com/lists/oss-security/2022/06/16/1
http://xenbits.xen.org/xsa/advisory-404.html
https://jvn.jp/en/vu/JVNVU90121984/index.html

Products affected by CVE-2022-21124

Omron » Cx-Programmer » Version: N/A

cpe:2.3:a:omron:cx-programmer:-
Omron » Cx-Programmer » Version: 9.65

cpe:2.3:a:omron:cx-programmer:9.65
Omron » Cx-Programmer » Version: 9.66

cpe:2.3:a:omron:cx-programmer:9.66
Omron » Cx-Programmer » Version: 9.70

cpe:2.3:a:omron:cx-programmer:9.70
Omron » Cx-Programmer » Version: 9.76.1

cpe:2.3:a:omron:cx-programmer:9.76.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21124

Products

Pricing

Contact Us