Sign-up

ID

VAR-202201-0707


CVE

CVE-2022-21137


TITLE

Made by OMRON  CX-One  Stack-based buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-001001

DESCRIPTION

Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of SDD files in the CXDrive module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. The Omron CX-One is an integrated toolkit from the Japanese company Omron. The product includes frequency converter, temperature controller and PLC programming software

Trust: 3.6

sources: NVD: CVE-2022-21137 // JVNDB: JVNDB-2022-001001 // ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // VULHUB: VHN-409493 // VULMON: CVE-2022-21137

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-04998

AFFECTED PRODUCTS

vendor:omronmodel:cx-onescope: - version: -

Trust: 2.0

vendor:omronmodel:cx-onescope:lteversion:4.60

Trust: 1.0

vendor:オムロン株式会社model:cx-onescope:eqversion: -

Trust: 0.8

vendor:オムロン株式会社model:cx-onescope:lteversion:4.60 and earlier

Trust: 0.8

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // JVNDB: JVNDB-2022-001001 // NVD: CVE-2022-21137

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2022-21137
value: HIGH

Trust: 1.4

nvd@nist.gov: CVE-2022-21137
value: HIGH

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-21137
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-001001
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-04998
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202201-427
value: HIGH

Trust: 0.6

VULHUB: VHN-409493
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-21137
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-21137
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2022-04998
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-409493
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-21137
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

ZDI: CVE-2022-21137
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.4

OTHER: JVNDB-2022-001001
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // VULHUB: VHN-409493 // VULMON: CVE-2022-21137 // JVNDB: JVNDB-2022-001001 // CNNVD: CNNVD-202201-427 // NVD: CVE-2022-21137 // NVD: CVE-2022-21137

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-409493 // JVNDB: JVNDB-2022-001001 // NVD: CVE-2022-21137

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202201-427

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202201-427

PATCH

title:Omron has issued an update to correct this vulnerability.url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01

Trust: 1.4

title:CX-One Ver.4  Details of each software updateurl:https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#common_module

Trust: 0.8

title:Patch for Omron CX-One Buffer Overflow Vulnerability (CNVD-2022-04998)url:https://www.cnvd.org.cn/patchInfo/show/314551

Trust: 0.6

title:Omron CX-One Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177260

Trust: 0.6

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // VULMON: CVE-2022-21137 // JVNDB: JVNDB-2022-001001 // CNNVD: CNNVD-202201-427

EXTERNAL IDS

db:NVDid:CVE-2022-21137

Trust: 4.6

db:ICS CERTid:ICSA-22-006-01

Trust: 2.6

db:ZDIid:ZDI-22-374

Trust: 2.5

db:ZDIid:ZDI-22-373

Trust: 2.5

db:JVNid:JVNVU91728245

Trust: 0.8

db:JVNDBid:JVNDB-2022-001001

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-14204

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-14038

Trust: 0.7

db:CNVDid:CNVD-2022-04998

Trust: 0.7

db:CNNVDid:CNNVD-202201-427

Trust: 0.7

db:CS-HELPid:SB2022010704

Trust: 0.6

db:AUSCERTid:ESB-2022.0081

Trust: 0.6

db:VULHUBid:VHN-409493

Trust: 0.1

db:VULMONid:CVE-2022-21137

Trust: 0.1

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // VULHUB: VHN-409493 // VULMON: CVE-2022-21137 // JVNDB: JVNDB-2022-001001 // CNNVD: CNNVD-202201-427 // NVD: CVE-2022-21137

REFERENCES

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01

Trust: 4.1

url:https://www.zerodayinitiative.com/advisories/zdi-22-373/

Trust: 2.4

url:https://www.zerodayinitiative.com/advisories/zdi-22-374/

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2022-21137

Trust: 1.2

url:http://jvn.jp/vu/jvnvu91728245/index.html

Trust: 0.8

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-006-01

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022010704

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0081

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373 // CNVD: CNVD-2022-04998 // VULHUB: VHN-409493 // VULMON: CVE-2022-21137 // JVNDB: JVNDB-2022-001001 // CNNVD: CNNVD-202201-427 // NVD: CVE-2022-21137

CREDITS

xina1i

Trust: 1.4

sources: ZDI: ZDI-22-374 // ZDI: ZDI-22-373

SOURCES

db:ZDIid:ZDI-22-374
db:ZDIid:ZDI-22-373
db:CNVDid:CNVD-2022-04998
db:VULHUBid:VHN-409493
db:VULMONid:CVE-2022-21137
db:JVNDBid:JVNDB-2022-001001
db:CNNVDid:CNNVD-202201-427
db:NVDid:CVE-2022-21137

LAST UPDATE DATE

2024-11-23T22:24:48.394000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-374date:2022-02-16T00:00:00
db:ZDIid:ZDI-22-373date:2022-02-16T00:00:00
db:CNVDid:CNVD-2022-04998date:2022-01-26T00:00:00
db:VULHUBid:VHN-409493date:2022-03-17T00:00:00
db:VULMONid:CVE-2022-21137date:2022-03-17T00:00:00
db:JVNDBid:JVNDB-2022-001001date:2022-01-11T05:05:00
db:CNNVDid:CNNVD-202201-427date:2022-02-17T00:00:00
db:NVDid:CVE-2022-21137date:2024-11-21T06:43:58.283

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-374date:2022-02-16T00:00:00
db:ZDIid:ZDI-22-373date:2022-02-16T00:00:00
db:CNVDid:CNVD-2022-04998date:2022-01-19T00:00:00
db:VULHUBid:VHN-409493date:2022-01-14T00:00:00
db:VULMONid:CVE-2022-21137date:2022-01-14T00:00:00
db:JVNDBid:JVNDB-2022-001001date:2022-01-11T00:00:00
db:CNNVDid:CNNVD-202201-427date:2022-01-06T00:00:00
db:NVDid:CVE-2022-21137date:2022-01-14T20:15:15.687