CX-Supervisor allows to rapidly create human-machine interfaces (HMIs) for supervisory control and data acquisition (SCADA) systems thanks to the availability of a large number of predefined functions and libraries. The software is widely adopted in multiple industries, mainly in the energy sector.
The vulnerabilities were reported through Trend Micro’s Zero Day Initiative (ZDI). by the security expert Esteban Ruiz of Source Incite. One of the vulnerabilities, tracked as CVE-2018-19027 received a “high” severity rating.
The CVE-2018-19027 flaw affects the CX-One products, the flaw was reported to the vendor on 2018-07-02 while it was publicly disclosed on 2019-01-14.
“This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Protocol. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.” reported the advisory published by ZDI.
“The specific flaw exists within the handling of PSW files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.”
The ICS-CERT published an advisory that includes details for all the vulnerabilities discovered by the expert, The addressed issues include a use-after-free, lack of proper validation for user-supplied input, and type confusion issues that can be exploited by attackers to execute arbitrary code on the vulnerable systems.
The “IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND (‘COMMAND INJECTION’) CWE-77″ could allow
The vulnerabilities have been addressed with the release of version 18.104.22.168 of CX-Supervisor.
The ICS-CERT also suggest to upgrade development projects and save them in the new format, then rebuilt in the latest 22.214.171.124 format.
CX-Supervisor, ICS (
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.