Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omron vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-31204
Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and...
Omron Sysmac Cs1 Firmware
Omron Sysmac Cj2m Firmware
Omron Sysmac Cj2h Firmware
Omron Sysmac Cp1e Firmware
Omron Sysmac Cp1h Firmware
Omron Sysmac Cp1l Firmware
Omron Cp1w-cif41 Firmware -
Omron Cx-programmer
7.5
CVSSv3
CVE-2022-31205
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.
Omron Sysmac Cs1 Firmware
Omron Sysmac Cj2m Firmware
Omron Sysmac Cj2h Firmware
Omron Sysmac Cp1e Firmware
Omron Sysmac Cp1h Firmware
Omron Sysmac Cp1l Firmware
Omron Cp1w-cif41 Firmware -
7.5
CVSSv3
CVE-2022-33971
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and previous versions, Machine automation controller NX1 series all models V1.48 and previous versions, and Machine automation controller NJ series all models...
Omron Nx701-1600 Firmware
Omron Nx701-1700 Firmware
Omron Nx701-z700 Firmware
Omron Nx701-z600 Firmware
Omron Nx701-1720 Firmware
Omron Nx701-1620 Firmware
Omron Nx102-1200 Firmware
Omron Nx102-1100 Firmware
Omron Nx102-1000 Firmware
Omron Nx102-1220 Firmware
Omron Nx102-1120 Firmware
Omron Nx102-1020 Firmware
Omron Nx102-9020 Firmware
Omron Nx1p2-1140dt Firmware
Omron Nx1p2-1140dt1 Firmware
Omron Nx1p2-1040dt Firmware
Omron Nx1p2-1040dt1 Firmware
Omron Nx1p2-9024dt Firmware
Omron Nx1p2-9024dt1 Firmware
Omron Nx1w-cif01 Firmware
Omron Nx1w-cif11 Firmware
Omron Nx1w-cif12 Firmware
7.5
CVSSv3
CVE-2020-6986
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result.
Omron Plc Cj1 Firmware
Omron Plc Cj2 Firmware
7.3
CVSSv3
CVE-2018-19018
An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Omron Cx-supervisor
7.3
CVSSv3
CVE-2018-19015
An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application.
Omron Cx-supervisor
7.3
CVSSv3
CVE-2018-19019
A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Omron Cx-supervisor
6.6
CVSSv3
CVE-2019-6556
When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privile...
Omron Common Components
Omron Cx-programmer
6.5
CVSSv3
CVE-2021-20836
Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.
Omron Cx-supervisor 4.0.0.13
Omron Cx-supervisor 4.0.0.16
6.5
CVSSv3
CVE-2018-16207
PowerAct Pro Master Agent for Windows Version 5.13 and previous versions allows authenticated malicious users to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
Omron Poweract Pro Master Agent
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »