CVE-2025-0591 – An out-of-bounds read vulnerability in CX-Progr... (How to Fix)

Q: What is the severity of CVE-2025-0591?

CVE-2025-0591 has a CVSS score of 7.8 (HIGH). An out-of-bounds read vulnerability in CX-Programmer allows attackers to read sensitive memory contents or cause application crashes. This affects users of Omron's CX-Programmer software for PLC programming. Successful exploitation could lead to information disclosure or denial of service.

📋 TL;DR

An out-of-bounds read vulnerability in CX-Programmer allows attackers to read sensitive memory contents or cause application crashes. This affects users of Omron's CX-Programmer software for PLC programming. Successful exploitation could lead to information disclosure or denial of service.

💻 Affected Systems

Products:

Omron CX-Programmer

Versions: Specific versions not detailed in references, consult vendor advisory for exact affected versions

Operating Systems: Windows (based on typical CX-Programmer deployment)

Default Config Vulnerable: ⚠️ Yes

Notes: Affects standard installations of CX-Programmer used for programming Omron PLCs. No special configuration required for vulnerability.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could read sensitive information from memory including credentials, configuration data, or proprietary logic, potentially leading to industrial espionage or system compromise.

🟠

Likely Case

Application crashes causing denial of service for PLC programming operations, disrupting maintenance and programming activities.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthorized access to engineering workstations.

🌐 Internet-Facing: LOW - CX-Programmer is typically used on internal engineering workstations not directly exposed to the internet.

🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could exploit this vulnerability to disrupt PLC programming operations or gather sensitive information.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires access to the target system and knowledge of the vulnerability. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-003_en.pdf

Restart Required: No

Instructions:

1. Download the latest version from Omron's official website. 2. Install the update following vendor instructions. 3. Verify installation by checking version number.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate engineering workstations running CX-Programmer from general network traffic

Access Control

all

Restrict access to CX-Programmer installations to authorized personnel only

🧯 If You Can't Patch

Implement strict network segmentation to isolate affected systems
Apply principle of least privilege and restrict user access to CX-Programmer

🔍 How to Verify

Check if Vulnerable:

Check installed CX-Programmer version against vendor advisory. Review system logs for unexpected crashes or memory access errors.

Check Version:

Check version through CX-Programmer Help > About menu or Windows Programs and Features

Verify Fix Applied:

Verify installed version matches or exceeds the patched version specified in vendor advisory. Test application functionality.

📡 Detection & Monitoring

Log Indicators:

Application crashes of CX-Programmer
Memory access violation errors in Windows Event Logs
Unexpected process termination

Network Indicators:

Unusual network connections to engineering workstations
Attempts to access CX-Programmer from unauthorized systems

SIEM Query:

EventID=1000 OR EventID=1001 Source='CX-Programmer' OR ProcessName='CX-Programmer.exe'

📊 Metadata

CVE ID: CVE-2025-0591

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-125

EPSS Score: 0.03% exploit probability (8.4th percentile)

Published: February 17, 2025

Last Updated: February 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-0591, you might also want to check these: