Vendor CVEs

Omron

All CVEs

73 total · sorted by risk
  • CVE-2015-0987 · Critical · Oct 6, 2015
    risk 0.65 · cvss 10.0 · epss 0.01

    Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.

  • CVE-2019-18269 · Critical · Dec 16, 2019
    risk 0.64 · cvss 9.8 · epss 0.01

    Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.

  • CVE-2018-6624 · Critical · Feb 5, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html.

  • CVE-2022-34151 · High · Jul 4, 2022
    risk 0.53 · cvss 8.1 · epss 0.01

    Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation…

  • CVE-2019-13533 · High · Dec 16, 2019
    risk 0.53 · cvss 8.1 · epss 0.01

    In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

  • CVE-2025-0591 · High · Feb 17, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. Attackers may be able to read sensitive information or cause an application crash by abusing this vulnerability.

  • CVE-2024-31412 · High · May 1, 2024
    risk 0.51 · cvss 7.8 · epss 0.00

    Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being crashed.

  • CVE-2018-8834 · High · Apr 17, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator…

  • CVE-2018-7530 · High · Apr 17, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator…

  • CVE-2018-7514 · High · Apr 17, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator…

  • CVE-2022-33971 · High · Jul 4, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and…

  • CVE-2020-6986 · High · Mar 5, 2020
    risk 0.49 · cvss 7.5 · epss 0.02

    In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result.

  • CVE-2024-27121 · High · Mar 12, 2024
    risk 0.47 · cvss 7.2 · epss 0.01

    Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote…

  • CVE-2025-1384 · High · Jul 14, 2025
    risk 0.46 · cvss 7.0 · epss 0.00

    Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code…

  • CVE-2024-12083 · Medium · Jan 14, 2025
    risk 0.43 · cvss 6.6 · epss 0.01

    Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An attacker may use these vulnerabilities to perform unauthorized access and to execute unauthorized code remotely to the controller products.

  • CVE-2024-31413 · Medium · May 1, 2024
    risk 0.38 · cvss 5.9 · epss 0.00

    Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version…

  • CVE-2024-49501 · Medium · Nov 1, 2024
    risk 0.37 · cvss 5.7 · epss 0.00

    Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.

  • CVE-2024-12298 · Medium · Jan 14, 2025
    risk 0.36 · cvss 5.5 · epss 0.00

    We found a vulnerability Improper Restriction of XML External Entity Reference (CWE-611) in NB-series NX-Designer. Attackers may be able to abuse this vulnerability to disclose confidential data on a computer.

  • CVE-2018-7525 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.

  • CVE-2018-7523 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability.

  • CVE-2018-7521 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file.

  • CVE-2018-7519 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.

  • CVE-2018-7517 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability.

  • CVE-2018-7515 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets.

  • CVE-2018-7513 · Medium · Mar 21, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.

  • CVE-2000-0704 · Oct 20, 2000
    risk 0.04 · cvss · epss 0.13

    Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands.

  • CVE-2022-45792 · Jan 22, 2024
    risk 0.00 · cvss · epss 0.00

    Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user.

  • CVE-2022-45790 · Jan 22, 2024
    risk 0.00 · cvss · epss 0.01

    The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.

  • CVE-2022-45794 · Jan 10, 2024
    risk 0.00 · cvss · epss 0.01

    An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.

  • CVE-2022-45793 · Jan 10, 2024
    risk 0.00 · cvss · epss 0.00

    Sysmac Studio installs executables in a directory with poor permissions. This can allow a locally-authenticated attacker to overwrite files which will result in code execution with privileges of a different user.

  • CVE-2023-22277 · Aug 3, 2023
    risk 0.00 · cvss · epss 0.00

    Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314.

  • CVE-2023-38748 · Aug 3, 2023
    risk 0.00 · cvss · epss 0.00

    Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

  • CVE-2023-38747 · Aug 3, 2023
    risk 0.00 · cvss · epss 0.00

    Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

  • CVE-2023-38746 · Aug 3, 2023
    risk 0.00 · cvss · epss 0.00

    Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

  • CVE-2023-38744 · Aug 3, 2023
    risk 0.00 · cvss · epss 0.01

    Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit. If an affected product receives a packet…

  • CVE-2023-27396 · Jun 19, 2023
    risk 0.00 · cvss · epss 0.01

    FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following…

  • CVE-2023-0811 · Mar 16, 2023
    risk 0.00 · cvss · epss 0.01

    Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or…

  • CVE-2023-22322 · Jan 30, 2023
    risk 0.00 · cvss · epss 0.00

    Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may…

  • CVE-2023-22357 · Jan 17, 2023
    risk 0.00 · cvss · epss 0.01

    Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to…

  • CVE-2023-22366 · Jan 17, 2023
    risk 0.00 · cvss · epss 0.00

    CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.

  • CVE-2022-43509 · Dec 7, 2022
    risk 0.00 · cvss · epss 0.00

    Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.

  • CVE-2022-43667 · Dec 7, 2022
    risk 0.00 · cvss · epss 0.00

    Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.

  • CVE-2022-3396 · Oct 6, 2022
    risk 0.00 · cvss · epss 0.01

    OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.

  • CVE-2022-3398 · Oct 6, 2022
    risk 0.00 · cvss · epss 0.01

    OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.

  • CVE-2022-3397 · Oct 6, 2022
    risk 0.00 · cvss · epss 0.01

    OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.

  • CVE-2022-2979 · Sep 12, 2022
    risk 0.00 · cvss · epss 0.00

    Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution.

  • CVE-2022-31207 · Jul 26, 2022
    risk 0.00 · cvss · epss 0.01

    The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS (9600/TCP) protocol for engineering purposes, including downloading projects and control logic to the PLC. This…

  • CVE-2022-31206 · Jul 26, 2022
    risk 0.00 · cvss · epss 0.01

    The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-05-18 lack cryptographic authentication. These PLCs are programmed using the SYSMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native…

  • CVE-2022-31205 · Jul 26, 2022
    risk 0.00 · cvss · epss 0.01

    In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.

  • CVE-2022-31204 · Jul 26, 2022
    risk 0.00 · cvss · epss 0.01

    Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads…
