Vulnerabilities > Omron > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-22 CVE-2022-45790 Improper Restriction of Excessive Authentication Attempts vulnerability in Omron products
The Omron FINS protocol has an authenticated feature to prevent access to memory regions.
network
low complexity
omron CWE-307
critical
 9.1
9.1
2023-06-19 CVE-2023-27396 Missing Authentication for Critical Function vulnerability in Omron products
FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products.
network
low complexity
omron CWE-306
critical
 9.8
9.8
2023-03-16 CVE-2023-0811 Improper Access Control vulnerability in Omron products
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored.
network
low complexity
omron CWE-284
critical
 9.1
9.1
2023-01-17 CVE-2023-22357 Unspecified vulnerability in Omron Cp1L-El20Dr-D Firmware
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication.
network
low complexity
omron
critical
 9.8
9.8
2022-10-06 CVE-2022-3396 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
 9.8
9.8
2022-10-06 CVE-2022-3397 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
 9.8
9.8
2022-10-06 CVE-2022-3398 Out-of-bounds Write vulnerability in Omron Cx-Programmer
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
network
low complexity
omron CWE-787
critical
 9.8
9.8
2019-12-16 CVE-2019-18269 Unspecified vulnerability in Omron PLC CJ Firmware and PLC CS Firmware
Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
network
low complexity
omron
critical
 9.8
9.8
2000-10-20 CVE-2000-0704 Remote Buffer Overflow vulnerability in Omron WorldView Wnn Asian Language Server
Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands.
network
low complexity
freewnn omron wnn
critical
 10.0
10