Vulnerabilities > Omron > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-24 CVE-2024-33687 Insufficient Verification of Data Authenticity vulnerability in Omron products
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions.
network
low complexity
omron CWE-345
7.5
7.5
2024-01-22 CVE-2022-45792 Path Traversal vulnerability in Omron Sysmac Studio
Project files may contain malicious contents which the software will use to create files on the filesystem.
local
low complexity
omron CWE-22
7.8
7.8
2024-01-10 CVE-2022-45794 Missing Authentication for Critical Function vulnerability in Omron products
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.
network
low complexity
omron CWE-306
7.5
7.5
2024-01-10 CVE-2022-45793 Incorrect Default Permissions vulnerability in Omron Automation Software Sysmac Studio 1.54
Sysmac Studio installs executables in a directory with poor permissions.
local
low complexity
omron CWE-276
7.8
7.8
2023-08-03 CVE-2023-22277 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
7.8
2023-08-03 CVE-2023-22314 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
7.8
2023-08-03 CVE-2023-22317 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier.
local
low complexity
omron CWE-416
7.8
7.8
2023-08-03 CVE-2023-38747 Out-of-bounds Write vulnerability in Omron Cx-Programmer
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier.
local
low complexity
omron CWE-787
7.8
7.8
2023-08-03 CVE-2023-38748 Use After Free vulnerability in Omron Cx-Programmer
Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier.
local
low complexity
omron CWE-416
7.8
7.8
2023-08-03 CVE-2023-38744 Unspecified vulnerability in Omron products
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit.
network
low complexity
omron
7.5
7.5