Rewterz Threat Advisory – Omron CX-Supervisor Multiple Vulnerabilities

Wednesday, November 6, 2019

Severity

High

Analysis Summary

CVE-2019-11769

An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials.

CVE-2018-16550

TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the “Cancel” step, which makes it easier to determine the correct value of the default 4-digit PIN.

CVE-2018-14333

TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between “[00 88] and “[00 00 00]” delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running.

CVE-2010-3128

Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

Impact

Use of Obsolete Function

Affected Vendors

Omron

Affected products

CX-Supervisor Versions 3.5 (12) and prior

Remediation

Omron recommends users update to CX-Supervisor 3.51 (9).

https://www.myomron.com/index.php?action=kb&article=1713

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 12, November 2019 Rewterz Threat Alert – Sodinokibi Ransomware Targeting Asia via the RIG Exploit Kit
  • 12, November 2019 Rewterz Threat Alert – Scammers Abusing a New Firefox Browser Lock Bug
  • 11, November 2019 Rewterz Threat Alert – Variant of Adwind RAT Targets Petroleum Sector
  • 11, November 2019 Rewterz Threat Alert – Titanium Malware: the Platinum group strikes again

Copyright © Rewterz. All rights reserved.