Vulnerabilities > Omron > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-22 | CVE-2022-45790 | Improper Restriction of Excessive Authentication Attempts vulnerability in Omron products The Omron FINS protocol has an authenticated feature to prevent access to memory regions. | 9.1 |
| 2023-06-19 | CVE-2023-27396 | Missing Authentication for Critical Function vulnerability in Omron products FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. | 9.8 |
| 2023-03-16 | CVE-2023-0811 | Improper Access Control vulnerability in Omron products Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. | 9.1 |
| 2023-01-17 | CVE-2023-22357 | Unspecified vulnerability in Omron Cp1L-El20Dr-D Firmware Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. | 9.8 |
| 2022-10-06 | CVE-2022-3396 | Out-of-bounds Write vulnerability in Omron Cx-Programmer OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | 9.8 |
| 2022-10-06 | CVE-2022-3397 | Out-of-bounds Write vulnerability in Omron Cx-Programmer OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | 9.8 |
| 2022-10-06 | CVE-2022-3398 | Out-of-bounds Write vulnerability in Omron Cx-Programmer OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | 9.8 |
| 2022-07-26 | CVE-2022-31206 | Improper Verification of Cryptographic Signature vulnerability in Omron products The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. | 9.8 |
| 2022-07-26 | CVE-2022-31207 | Improper Verification of Cryptographic Signature vulnerability in Omron products The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. | 9.8 |
| 2019-12-16 | CVE-2019-18269 | Unspecified vulnerability in Omron PLC CJ Firmware and PLC CS Firmware Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. | 9.8 |