Vulnerability Details CVE-2022-26419
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02
- https://www.zerodayinitiative.com/advisories/ZDI-22-575/
- https://www.zerodayinitiative.com/advisories/ZDI-22-576/
- https://www.zerodayinitiative.com/advisories/ZDI-22-579/
- https://www.zerodayinitiative.com/advisories/ZDI-22-580/
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02
- https://www.zerodayinitiative.com/advisories/ZDI-22-575/
- https://www.zerodayinitiative.com/advisories/ZDI-22-576/
- https://www.zerodayinitiative.com/advisories/ZDI-22-579/
- https://www.zerodayinitiative.com/advisories/ZDI-22-580/
Products affected by CVE-2022-26419
-
cpe:2.3:a:omron:cx-position:2.5.3