Vulnerability Description
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Omron | Cx-Flnet | <= 1.00 |
| Omron | Cx-One | <= 4.42 |
| Omron | Cx-Programmer | <= 9.65 |
| Omron | Cx-Protocol | <= 1.992 |
| Omron | Cx-Server | <= 5.0.22 |
| Omron | Network Configurator | <= 3.63 |
| Omron | Switch Box Utility | <= 1.68 |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-7530?
CVE-2018-7530 is a vulnerability with a CVSS score of 7.8 (HIGH). Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer ver...
How severe is CVE-2018-7530?
CVE-2018-7530 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7530?
Check the references section above for vendor advisories and patch information. Affected products include: Omron Cx-Flnet, Omron Cx-One, Omron Cx-Programmer, Omron Cx-Protocol, Omron Cx-Server.