Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omron vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27261
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code.
Omron Cx-one
Omron Cx-position
Omron Cx-protocol
Omron Cx-server
NA
CVE-2015-0987
Omron CX-One CX-Programmer prior to 9.6, CJ2M PLC devices prior to 2.1, and CJ2H PLC devices prior to 1.5 rely on cleartext password transmission, which allows remote malicious users to obtain sensitive information by sniffing the network during a PLC unlock request.
Omron Cj2h Plc
Omron Cx-programmer
Omron Cj2m Plc
7.8
CVSSv3
CVE-2018-18989
In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit an...
Omron Cx-server
Omron Cx-programmer
Omron Cx-one
7.8
CVSSv3
CVE-2018-18993
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attack...
Omron Cx-one
Omron Cx-programmer
Omron Cx-server
7.5
CVSSv3
CVE-2020-6986
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result.
Omron Plc Cj1 Firmware
Omron Plc Cj2 Firmware
9.8
CVSSv3
CVE-2019-18261
In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute...
Omron Plc Cj Firmware
Omron Plc Cs Firmware
Omron Plc Nj Firmware
NA
CVE-2015-1015
Omron CX-One CX-Programmer prior to 9.6, CJ2M PLC devices prior to 2.1, and CJ2H PLC devices prior to 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
Omron Cj2m Plc 2.0
Omron Cx-programmer 9.5
Omron Cj2h Plc 1.4
7.8
CVSSv3
CVE-2018-19027
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Omron Cx-one
Omron Cx-protocol
6.6
CVSSv3
CVE-2019-6556
When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privile...
Omron Common Components
Omron Cx-programmer
6.5
CVSSv3
CVE-2021-20836
Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.
Omron Cx-supervisor 4.0.0.13
Omron Cx-supervisor 4.0.0.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »