Vulnerabilities > Omron
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-38744 | Unspecified vulnerability in Omron products Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit. | 7.5 |
| 2023-08-03 | CVE-2023-38746 | Out-of-bounds Read vulnerability in Omron Cx-Programmer Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. | 7.8 |
| 2023-06-19 | CVE-2023-27396 | Missing Authentication for Critical Function vulnerability in Omron products FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. | 9.8 |
| 2023-05-10 | CVE-2023-27385 | Out-of-bounds Write vulnerability in Omron Cx-Drive 3.00/3.01 Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. | 7.8 |
| 2023-03-16 | CVE-2023-0811 | Improper Access Control vulnerability in Omron products Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. | 9.1 |
| 2023-01-30 | CVE-2023-22322 | XXE vulnerability in Omron Cx-Motion PRO Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. | 5.5 |
| 2023-01-17 | CVE-2023-22357 | Unspecified vulnerability in Omron Cp1L-El20Dr-D Firmware Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. | 9.8 |
| 2023-01-17 | CVE-2023-22366 | Access of Uninitialized Pointer vulnerability in Omron Cx-Motion-Mch Firmware CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. | 7.8 |
| 2022-12-07 | CVE-2022-43508 | Use After Free vulnerability in Omron Cx-Programmer Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-12-07 | CVE-2022-43509 | Out-of-bounds Write vulnerability in Omron Cx-Programmer Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |