Rewterz Threat Alert – RecordBreaker Malware – Active IOCs
January 26, 2023
Rewterz Threat Alert – CrySIS aka Dharma Ransomware – Active IOCs
January 26, 2023
Severity
High
Analysis Summary
CVE-2023-22322 CVSS:5.5
OMRON CX-Motion Pro is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser. By persuading a victim to open specially-crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files.
CVE-2023-22366 CVSS:9.8
OMRON CX-Motion-MCH could allow a remote attacker to execute arbitrary code on the system, caused by access of an uninitialized pointer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-22357 CVSS:9.1
OMRON CP1L-EL20DR-D could allow a remote attacker to execute arbitrary code on the system, caused by the presence of active debug code. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-46282 CVSS:7.8
OMRON CX-Drive could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-43667 CVSS:7.8
OMRON CX-Programmer is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially-crafted CXP file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2022-43509 CVSS:7.8
OMRON CX-Programmer could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write. By persuading a victim to open a specially-crafted CXP file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-43508 CVSS:7.8
OMRON CX-Programmer could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free. By persuading a victim to open a specially-crafted CXP file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
- Buffer Overflow
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2023-22322
- CVE-2023-22366
- CVE-2023-22357
- CVE-2022-46282
- CVE-2022-43667
- CVE-2022-43509
- CVE-2022-43508
Affected Vendors
Omron
Affected Products
- OMRON CX-Motion Pro 1.4.6.013
- OMRON CX-Motion-MCH 2.32
- OMRON CP1L-EL20DR-D
- OMRON CX-Drive 3.00
- Omron CX-Programmer 9.66
- Omron CX-Programmer 9.65
Remediation
Upgrade to the latest versions, available from the OMRON Web site.
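For CVE-2023-22322, XML content can be screened for DTD and external entity declarations before it is opened in CX-Motion Pro. The Python code below is an added example, not code from OMRON or Rewterz; it assumes project XML has no legitimate need for a DOCTYPE, and the function name `screen_xml` and both sample documents are constructed for illustration.

```python
import xml.parsers.expat as expat


def screen_xml(data: bytes) -> list[tuple[str, str]]:
    """Return (kind, detail) findings for one XML document.

    Declarations are only recorded; nothing external is ever fetched.
    """
    findings: list[tuple[str, str]] = []
    parser = expat.ParserCreate()
    # Never load an external DTD subset or external parameter entities.
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(("doctype", name))
        if system_id:
            findings.append(("external-dtd", system_id))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        # value is None for external entities; system_id is where they point.
        if value is None and system_id is not None:
            findings.append(("external-entity", f"{name} -> {system_id}"))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    # No ExternalEntityRefHandler is installed, so entity references in the
    # body are skipped by the parser rather than resolved.
    try:
        parser.Parse(data, True)
    except expat.ExpatError as exc:
        findings.append(("malformed", str(exc)))
    return findings


# Constructed samples (not real OMRON project files).
BENIGN = b'<?xml version="1.0"?><project><axis id="1"/></project>'
CRAFTED = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE project [<!ENTITY x SYSTEM "file:///PLACEHOLDER">]>'
    b'<project>&x;</project>'
)

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("crafted", CRAFTED)):
        result = screen_xml(doc)
        verdict = "HOLD for review" if result else "ok"
        print(f"{label}: {verdict} {result}")
```

Any non-empty result is a reason to hold the file for review rather than open it on an engineering workstation.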