VYPR
Vendor

Jtekt Electronics Corporation

Products
12
CVEs
17
Across products
33
Status
Private

Products

12

Recent CVEs

17
  • CVE-2022-29958CriJul 26, 2022
    risk 0.64cvss 9.8epss 0.00

    JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with…

  • CVE-2022-29951CriJul 26, 2022
    risk 0.59cvss 9.1epss 0.01

    JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and…

  • CVE-2023-22360HigFeb 13, 2023
    risk 0.51cvss 7.8epss 0.00

    Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information…

  • CVE-2023-22349HigFeb 13, 2023
    risk 0.51cvss 7.8epss 0.00

    Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may…

  • CVE-2023-22347HigFeb 13, 2023
    risk 0.51cvss 7.8epss 0.00

    Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead…

  • CVE-2023-22346HigFeb 13, 2023
    risk 0.51cvss 7.8epss 0.00

    Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to…

  • CVE-2023-22345HigFeb 13, 2023
    risk 0.51cvss 7.8epss 0.00

    Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to…

  • CVE-2023-49713HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

  • CVE-2023-49143HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

  • CVE-2023-49140HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

  • CVE-2023-41963HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service (DoS) condition may occur.

  • CVE-2021-27477HigJul 1, 2021
    risk 0.49cvss 7.5epss 0.01

    When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive…

  • CVE-2021-27458HigApr 19, 2021
    risk 0.49cvss 7.5epss 0.01

    If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P…

  • CVE-2025-26401MedApr 4, 2025
    risk 0.42cvss 6.5epss 0.00

    Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authenticated attacker.

  • CVE-2025-25061MedApr 4, 2025
    risk 0.38cvss 5.8epss 0.00

    Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack.

  • CVE-2025-24317MedApr 4, 2025
    risk 0.34cvss 5.3epss 0.01

    Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a denial-of-service (DoS) condition.

  • CVE-2025-24310MedApr 4, 2025
    risk 0.28cvss 4.3epss 0.00

    Improper restriction of rendered UI layers or frames issue exists in HMI ViewJet C-more series, which may allow a remote unauthenticated attacker to trick the product user to perform operations on the product's web pages.