Sign-up

ID

VAR-202105-0677


CVE

CVE-2021-27413


TITLE

Made by OMRON  CX-One  Stack-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-001399

DESCRIPTION

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of NCI files in the CX-Position application. When parsing the B_PLC_NAME element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Omron CX-One is a set of integrated tool kits of Japan's Omron (Omron) company. The product includes frequency converter, temperature controller and PLC programming software, etc. There are security holes in CX-One Versions 4.60 and earlier

Trust: 2.97

sources: NVD: CVE-2021-27413 // JVNDB: JVNDB-2021-001399 // ZDI: ZDI-21-588 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-386680 // VULMON: CVE-2021-27413

AFFECTED PRODUCTS

vendor:omronmodel:cx-onescope:lteversion:4.60

Trust: 1.0

vendor:omronmodel:cx-serverscope:lteversion:5.0.29

Trust: 1.0

vendor:オムロン株式会社model:cx-serverscope: - version: -

Trust: 0.8

vendor:オムロン株式会社model:cx-serverscope:eqversion: -

Trust: 0.8

vendor:オムロン株式会社model:cx-serverscope:lteversion:version 5.0.29.0 and earlier

Trust: 0.8

vendor:omronmodel:cx-onescope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-588 // JVNDB: JVNDB-2021-001399 // NVD: CVE-2021-27413

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27413
value: HIGH

Trust: 1.0

IPA: JVNDB-2021-001399
value: HIGH

Trust: 0.8

ZDI: CVE-2021-27413
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202105-706
value: HIGH

Trust: 0.6

VULHUB: VHN-386680
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-27413
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-27413
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-386680
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-27413
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA: JVNDB-2021-001399
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-27413
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-588 // VULHUB: VHN-386680 // VULMON: CVE-2021-27413 // JVNDB: JVNDB-2021-001399 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-706 // NVD: CVE-2021-27413

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [IPA Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-386680 // JVNDB: JVNDB-2021-001399 // NVD: CVE-2021-27413

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202105-706

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:CX-One  Version upgrade   program   download OMRONurl:https://www.fa.omron.co.jp/product/tool/26/cxone/one1.html

Trust: 0.8

title:Omron has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01

Trust: 0.7

title:Omron CX-One Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151570

Trust: 0.6

sources: ZDI: ZDI-21-588 // JVNDB: JVNDB-2021-001399 // CNNVD: CNNVD-202105-706

EXTERNAL IDS

db:NVDid:CVE-2021-27413

Trust: 3.3

db:ICS CERTid:ICSA-21-131-01

Trust: 2.6

db:ZDIid:ZDI-21-588

Trust: 2.5

db:JVNid:JVNVU90806326

Trust: 0.8

db:JVNDBid:JVNDB-2021-001399

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-11845

Trust: 0.7

db:CNNVDid:CNNVD-202105-706

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021051204

Trust: 0.6

db:AUSCERTid:ESB-2021.1586

Trust: 0.6

db:VULHUBid:VHN-386680

Trust: 0.1

db:VULMONid:CVE-2021-27413

Trust: 0.1

sources: ZDI: ZDI-21-588 // VULHUB: VHN-386680 // VULMON: CVE-2021-27413 // JVNDB: JVNDB-2021-001399 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-706 // NVD: CVE-2021-27413

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01

Trust: 3.9

url:https://www.zerodayinitiative.com/advisories/zdi-21-588/

Trust: 2.5

url:http://jvn.jp/cert/jvnvu90806326

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1586

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051204

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-21-588 // VULHUB: VHN-386680 // VULMON: CVE-2021-27413 // JVNDB: JVNDB-2021-001399 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-706 // NVD: CVE-2021-27413

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-21-588

SOURCES

db:ZDIid:ZDI-21-588
db:VULHUBid:VHN-386680
db:VULMONid:CVE-2021-27413
db:JVNDBid:JVNDB-2021-001399
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202105-706
db:NVDid:CVE-2021-27413

LAST UPDATE DATE

2024-08-14T13:17:27.833000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-588date:2021-05-13T00:00:00
db:VULHUBid:VHN-386680date:2021-05-21T00:00:00
db:VULMONid:CVE-2021-27413date:2021-05-21T00:00:00
db:JVNDBid:JVNDB-2021-001399date:2021-05-14T06:59:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202105-706date:2021-05-24T00:00:00
db:NVDid:CVE-2021-27413date:2021-05-21T16:34:32.723

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-588date:2021-05-13T00:00:00
db:VULHUBid:VHN-386680date:2021-05-13T00:00:00
db:VULMONid:CVE-2021-27413date:2021-05-13T00:00:00
db:JVNDBid:JVNDB-2021-001399date:2021-05-14T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202105-706date:2021-05-11T00:00:00
db:NVDid:CVE-2021-27413date:2021-05-13T19:15:07.943