Unrated severityNVD Advisory· Published Dec 4, 2018· Updated Aug 5, 2024

CVE-2018-18989

Description

In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Omron/CX-Serverllm-fuzzy
Range: <=5.0.23
Omron/Cx Programmerllm-fuzzy
Range: <=9.66
Omron/CX-Onellm-fuzzy
Range: <=4.42

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/106106mitrevdb-entryx_refsource_BID
ics-cert.us-cert.gov/advisories/ICSA-18-338-01mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000