ID
VAR-202211-1696
CVE
CVE-2022-43667
TITLE
Made by Omron CX-Programmer Multiple vulnerabilities in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-002765
DESCRIPTION
Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file
Trust: 1.71
sources:
NVD: CVE-2022-43667 //
JVNDB: JVNDB-2022-002765 //
VULHUB: VHN-440787
AFFECTED PRODUCTS
| vendor: | omron | model: | cx-programmer | scope: | lte | version: | 9.77 | Trust: 1.0 |
| vendor: | オムロン株式会社 | model: | cx-programmer | scope: | lte | version: | ver.9.77 and earlier - cve-2022-43508 | Trust: 0.8 |
| vendor: | オムロン株式会社 | model: | cx-programmer | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | オムロン株式会社 | model: | cx-programmer | scope: | lte | version: | ver.9.79 and earlier - cve-2023-22277 , cve-2023-22317 , cve-2023-22314 | Trust: 0.8 |
| vendor: | オムロン株式会社 | model: | cx-programmer | scope: | lte | version: | ver.9.78 and earlier - cve-2022-43509 , cve-2022-43667 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-002765 //
NVD: CVE-2022-43667
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-002765 //
CNNVD: CNNVD-202211-3541 //
NVD: CVE-2022-43667
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.1 |
| problemtype: | Stack-based buffer overflow (CWE-121) [ others ] | Trust: 0.8 |
| problemtype: | Use of freed memory (CWE-416) [ others ] | Trust: 0.8 |
| problemtype: | Out-of-bounds writing (CWE-787) [ others ] | Trust: 0.8 |
sources:
VULHUB: VHN-440787 //
JVNDB: JVNDB-2022-002765 //
NVD: CVE-2022-43667
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3541
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3541
PATCH
| title: | Information from Omron Corporation | url: | https://jvn.jp/vu/JVNVU92877622/995504/index.html | Trust: 0.8 |
| title: | Omron CX-Programmer Buffer error vulnerability fix | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=216965 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2022-002765 //
CNNVD: CNNVD-202211-3541
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-43667 | Trust: 3.3 |
| db: | JVN | id: | JVNVU92877622 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2022-002765 | Trust: 1.4 |
| db: | ICS CERT | id: | ICSA-22-356-04 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202211-3541 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-440787 | Trust: 0.1 |
sources:
VULHUB: VHN-440787 //
JVNDB: JVNDB-2022-002765 //
CNNVD: CNNVD-202211-3541 //
NVD: CVE-2022-43667
REFERENCES
| url: | https://jvn.jp/vu/jvnvu92877622/index.html | Trust: 2.5 |
| url: | https://jvn.jp/en/vu/jvnvu92877622/index.html | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-43508 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-43509 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-43667 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-22277 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-22314 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-22317 | Trust: 0.8 |
| url: | https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-04 | Trust: 0.8 |
| url: | https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002765.html | Trust: 0.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-43667/ | Trust: 0.6 |
sources:
VULHUB: VHN-440787 //
JVNDB: JVNDB-2022-002765 //
CNNVD: CNNVD-202211-3541 //
NVD: CVE-2022-43667
SOURCES
| db: | VULHUB | id: | VHN-440787 |
| db: | JVNDB | id: | JVNDB-2022-002765 |
| db: | CNNVD | id: | CNNVD-202211-3541 |
| db: | NVD | id: | CVE-2022-43667 |
LAST UPDATE DATE
2024-08-14T14:37:10.119000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-440787 | date: | 2022-12-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-002765 | date: | 2024-04-05T09:14:00 |
| db: | CNNVD | id: | CNNVD-202211-3541 | date: | 2022-12-12T00:00:00 |
| db: | NVD | id: | CVE-2022-43667 | date: | 2022-12-09T13:37:39.777 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-440787 | date: | 2022-12-07T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-002765 | date: | 2022-11-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3541 | date: | 2022-11-25T00:00:00 |
| db: | NVD | id: | CVE-2022-43667 | date: | 2022-12-07T04:15:10.953 |