Sign-up

ID

VAR-202102-0316


CVE

CVE-2020-27257


TITLE

Made by OMRON CX-One Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001004

DESCRIPTION

This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. Provided by OMRON Corporation CX-One There are multiple vulnerabilities in. ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27259 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27261 ‥ * Wrong type (CWE-843) - CVE-2020-27257The expected impact depends on each vulnerability, but it may be affected as follows. ‥ * Any memory pointer is referenced by a third party and arbitrary code is executed remotely. - CVE-2020-27259 ‥ * A third party causes a stack-based buffer overflow to execute arbitrary code remotely - CVE-2020-27261 ‥ * A third party enters the crafted data and executes arbitrary code - CVE-2020-27257. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PSW files by the CX-Protocol application. An attacker can leverage this vulnerability to execute code in the context of the current process. Omron CX-One is a set of integrated tool kits of Japan's Omron (Omron) company. The product includes frequency converter, temperature controller and PLC programming software, etc. CX-Protocol is one of the components used to create a serial communication protocol to communicate with standard serial devices. The following products and versions are affected: CX-Protocol Versions 2.02 and prior, CX-Server Versions 5.0.28 and prior, CX-Position Versions 2.52 and prior

Trust: 2.34

sources: NVD: CVE-2020-27257 // JVNDB: JVNDB-2021-001004 // ZDI: ZDI-21-184 // VULHUB: VHN-370737

AFFECTED PRODUCTS

vendor:omronmodel:cx-onescope:lteversion:4.60

Trust: 1.0

vendor:omronmodel:cx-positionscope:lteversion:2.52

Trust: 1.0

vendor:omronmodel:cx-serverscope:lteversion:5.0.28

Trust: 1.0

vendor:omronmodel:cx-protocolscope:lteversion:2.02

Trust: 1.0

vendor:omronmodel:cx-positionscope:eqversion:バージョン 2.52

Trust: 0.8

vendor:omronmodel:cx-protocolscope:eqversion:バージョン 2.02

Trust: 0.8

vendor:omronmodel:cx-serverscope:eqversion:バージョン 5.0.28

Trust: 0.8

vendor:omronmodel:cx-onescope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-184 // JVNDB: JVNDB-2021-001004 // NVD: CVE-2020-27257

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2021-001004
value: MEDIUM

Trust: 1.6

nvd@nist.gov: CVE-2020-27257
value: HIGH

Trust: 1.0

IPA: JVNDB-2021-001004
value: HIGH

Trust: 0.8

ZDI: CVE-2020-27257
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202101-423
value: HIGH

Trust: 0.6

VULHUB: VHN-370737
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-27257
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-370737
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

IPA score: JVNDB-2021-001004
baseSeverity: MEDIUM
baseScore: 6.6
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 1.6

nvd@nist.gov: CVE-2020-27257
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA score: JVNDB-2021-001004
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-27257
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-184 // VULHUB: VHN-370737 // JVNDB: JVNDB-2021-001004 // JVNDB: JVNDB-2021-001004 // JVNDB: JVNDB-2021-001004 // CNNVD: CNNVD-202101-423 // NVD: CVE-2020-27257

PROBLEMTYPE DATA

problemtype:CWE-843

Trust: 1.9

problemtype:CWE-121

Trust: 0.8

problemtype:CWE-822

Trust: 0.8

sources: VULHUB: VHN-370737 // JVNDB: JVNDB-2021-001004 // NVD: CVE-2020-27257

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202101-423

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202101-423

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2021-001004

PATCH
title:CX-One バージョンアップ プログラム ダウンロードurl:https://www.fa.omron.co.jp/product/tool/26/cxone/one1.html
Trust: 0.8
title:CX-Protocol の更新内容 | Ver.2.03 : CX-Oneオートアップデート(V4向け_2021年1月)url:https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#cx_protocol
Trust: 0.8
title:共通モジュール の更新内容 | − :CX-Oneオートアップデート(V4向け_2021年1月)url:https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#common_module
Trust: 0.8
title:CX-Position の更新内容 | Ver.2.53 : CX-Oneオートアップデート(V4向け_2021年1月)url:https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#cx_position
Trust: 0.8
title:Omron has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02
Trust: 0.7
title:Omron Repair measures for buffer errors and vulnerabilities in many productsurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138532
Trust: 0.6
sources:
            
            
            ZDI: ZDI-21-184 // 
            
            
            
            JVNDB: JVNDB-2021-001004 // 
            
            
            
            CNNVD: CNNVD-202101-423

EXTERNAL IDS
db:NVDid:CVE-2020-27257
Trust: 3.2
db:ICS CERTid:ICSA-21-007-02
Trust: 2.5
db:ZDIid:ZDI-21-184
Trust: 2.4
db:JVNid:JVNVU95231601
Trust: 0.8
db:JVNDBid:JVNDB-2021-001004
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-11809
Trust: 0.7
db:AUSCERTid:ESB-2021.0077
Trust: 0.6
db:CNNVDid:CNNVD-202101-423
Trust: 0.6
db:VULHUBid:VHN-370737
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-184 // 
            
            
            
            VULHUB: VHN-370737 // 
            
            
            
            JVNDB: JVNDB-2021-001004 // 
            
            
            
            CNNVD: CNNVD-202101-423 // 
            
            
            
            NVD: CVE-2020-27257

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02
Trust: 3.8
url:https://www.zerodayinitiative.com/advisories/zdi-21-184/
Trust: 2.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27257
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27259
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27261
Trust: 0.8
url:http://jvn.jp/cert/jvnvu95231601
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2021.0077/
Trust: 0.6
sources:
            
            
            ZDI: ZDI-21-184 // 
            
            
            
            VULHUB: VHN-370737 // 
            
            
            
            JVNDB: JVNDB-2021-001004 // 
            
            
            
            CNNVD: CNNVD-202101-423 // 
            
            
            
            NVD: CVE-2020-27257

CREDITS
rgod
Trust: 0.7
sources:
            
            
            ZDI: ZDI-21-184

SOURCES
db:ZDIid:ZDI-21-184
db:VULHUBid:VHN-370737
db:JVNDBid:JVNDB-2021-001004
db:CNNVDid:CNNVD-202101-423
db:NVDid:CVE-2020-27257

LAST UPDATE DATE
2024-11-23T22:47:42.485000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-21-184date:2021-02-10T00:00:00
db:VULHUBid:VHN-370737date:2021-02-12T00:00:00
db:JVNDBid:JVNDB-2021-001004date:2021-01-14T06:41:19
db:CNNVDid:CNNVD-202101-423date:2021-02-18T00:00:00
db:NVDid:CVE-2020-27257date:2024-11-21T05:20:57.303

SOURCES RELEASE DATE
db:ZDIid:ZDI-21-184date:2021-02-10T00:00:00
db:VULHUBid:VHN-370737date:2021-02-09T00:00:00
db:JVNDBid:JVNDB-2021-001004date:2021-01-14T06:41:19
db:CNNVDid:CNNVD-202101-423date:2021-01-07T00:00:00
db:NVDid:CVE-2020-27257date:2021-02-09T15:15:12.970