Vulnerabilities > Omron > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-22 CVE-2022-45790 Improper Restriction of Excessive Authentication Attempts vulnerability in Omron products
The Omron FINS protocol has an authenticated feature to prevent access to memory regions.
network
low complexity
omron CWE-307
critical
9.1
2023-06-19 CVE-2023-27396 Missing Authentication for Critical Function vulnerability in Omron products
FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products.
network
low complexity
omron CWE-306
critical
9.8
2023-03-16 CVE-2023-0811 Improper Access Control vulnerability in Omron products
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored.
network
low complexity
omron CWE-284
critical
9.1
2023-01-17 CVE-2023-22357 Unspecified vulnerability in Omron Cp1L-El20Dr-D Firmware
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication.
network
low complexity
omron
critical
9.8
2022-10-06 CVE-2022-3396 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
9.8
2022-10-06 CVE-2022-3397 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
9.8
2022-10-06 CVE-2022-3398 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
9.8
2022-07-26 CVE-2022-31206 Improper Verification of Cryptographic Signature vulnerability in Omron products
The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication.
network
low complexity
omron CWE-347
critical
9.8
2022-07-26 CVE-2022-31207 Improper Verification of Cryptographic Signature vulnerability in Omron products
The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication.
network
low complexity
omron CWE-347
critical
9.8
2019-12-16 CVE-2019-18269 Unspecified vulnerability in Omron PLC CJ Firmware and PLC CS Firmware
Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
network
low complexity
omron
critical
9.8