Several high-severity vulnerabilities that might be used to execute code remotely were recently addressed in Omron’s CX-Programmer software.
According to a recent advisory from Japan’s JPCERT/CC, the product is plagued by five use-after-free and out-of-bounds vulnerabilities, all of which have a CVSS score of 7.8.
According to the researchers, the vulnerabilities were introduced due to a lack of sufficient data validation, and successful exploitation might result in the disclosure of sensitive information or uncontrolled code execution.
CX-Programmer versions 9.76.1 and earlier are affected by the CX-Programmer vulnerabilities.
Read More: Securityweek