Vulnerabilities > Omron
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-21124 | Out-of-bounds Write vulnerability in Omron Cx-Programmer Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-03-10 | CVE-2022-21219 | Out-of-bounds Read vulnerability in Omron Cx-Programmer Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-01-14 | CVE-2022-21137 | Out-of-bounds Write vulnerability in Omron Cx-One 4.42/4.50/4.60 Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. | 7.8 |
| 2021-10-19 | CVE-2021-20836 | Out-of-bounds Read vulnerability in Omron Cx-Supervisor 4.0.0.13/4.0.0.16 Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files. | 6.5 |
| 2021-05-13 | CVE-2021-27413 | Out-of-bounds Write vulnerability in Omron Cx-One and Cx-Server Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | 7.8 |
| 2021-02-09 | CVE-2020-27261 | Out-of-bounds Write vulnerability in Omron products The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | 8.8 |
| 2021-02-09 | CVE-2020-27259 | Unspecified vulnerability in Omron products The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. | 8.8 |
| 2021-02-09 | CVE-2020-27257 | Type Confusion vulnerability in Omron products This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. | 7.8 |
| 2020-03-05 | CVE-2020-6986 | Resource Exhaustion vulnerability in Omron PLC CJ1 Firmware and PLC CJ2 Firmware In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result. | 7.5 |
| 2019-12-16 | CVE-2019-18269 | Unspecified vulnerability in Omron PLC CJ Firmware and PLC CS Firmware Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. | 9.8 |