Vulnerability Description
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Omron | Cx-Flnet | <= 1.00 |
| Omron | Cx-One | <= 4.42 |
| Omron | Cx-Programmer | <= 9.65 |
| Omron | Cx-Protocol | <= 1.992 |
| Omron | Cx-Server | <= 5.0.22 |
| Omron | Network Configurator | <= 3.63 |
| Omron | Switch Box Utility | <= 1.68 |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-7514?
CVE-2018-7514 is a vulnerability with a CVSS score of 7.8 (HIGH). Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer ver...
How severe is CVE-2018-7514?
CVE-2018-7514 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7514?
Check the references section above for vendor advisories and patch information. Affected products include: Omron Cx-Flnet, Omron Cx-One, Omron Cx-Programmer, Omron Cx-Protocol, Omron Cx-Server.