Omron CX-Supervisor (Update A) (ICSA-18-072-01) – Product Used in the Energy Sector

December 20, 2018

The NCCIC has updated this advisory with additional information on the affected product. ICS-CERT.

March 13, 2018

The NCCIC has released an advisory on vulnerabilities in Omron CX-Supervisor. CX-Supervisor versions 3.30 and prior are affected. Successful exploitation of these vulnerabilities could allow remote code execution. Omron has released a version 3.4.1 of CX-Supervisor to address the reported vulnerabilities. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.