ICSA-19-017-01 · Published 2019-02-07 · View on CISA ICS-CERT ↗

Omron CX-Supervisor (Update A)

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could result in a denial-of-service condition, and/or allow an attacker to achieve code execution with privileges within the context of the application.

CVEs (7)

CVE-2018-19011 CVE-2018-19013 CVE-2018-19015 CVE-2018-19017 CVE-2018-19019 CVE-2018-19018 CVE-2018-19020

Remediations

Omron has released Version 3.5.0.11 of CX-Supervisor to address the reported vulnerabilities. To be protected, development projects must be upgraded and saved in the new format, then rebuilt in the latest 3.5.0.11 format.

Affected Vendors

Omron

Affected Products (1)

Omron · CX-Supervisor <= 3.42

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more