Vulnerabilities > Omron

DATE CVE VULNERABILITY TITLE RISK
2024-01-22 CVE-2022-45790 Improper Restriction of Excessive Authentication Attempts vulnerability in Omron products
The Omron FINS protocol has an authenticated feature to prevent access to memory regions.
network
low complexity
omron CWE-307
critical
9.1
2024-01-22 CVE-2022-45792 Path Traversal vulnerability in Omron Sysmac Studio
Project files may contain malicious contents which the software will use to create files on the filesystem.
local
low complexity
omron CWE-22
7.8
2024-01-10 CVE-2022-45794 Missing Authentication for Critical Function vulnerability in Omron products
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.
network
low complexity
omron CWE-306
7.5
2024-01-10 CVE-2022-45793 Incorrect Default Permissions vulnerability in Omron Automation Software Sysmac Studio
Sysmac Studio installs executables in a directory with poor permissions.
local
low complexity
omron CWE-276
7.8
2023-08-03 CVE-2023-22277 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
2023-08-03 CVE-2023-22314 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
2023-08-03 CVE-2023-22317 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
2023-08-03 CVE-2023-38747 Out-of-bounds Write vulnerability in Omron Cx-Programmer
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier.
local
low complexity
omron CWE-787
7.8
2023-08-03 CVE-2023-38748 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier.
local
low complexity
omron CWE-416
7.8
2023-08-03 CVE-2023-38744 Unspecified vulnerability in Omron products
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit.
network
low complexity
omron
7.5