CVE-2020-27257

Summary

This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.

Affected Software

VendorProductVersion RangeStatus
OmronCX-Oneunspecified <= 4.60affected
OmronCX-Protocolunspecified <= 2.02affected
OmronCX-Serverunspecified <= 5.0.28affected
OmronCX-Positionunspecified <= 2.52affected

Weaknesses

  • CWE-843: ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843

ADP Enrichment

CVE Program Container

Additional References

References