Vulnerabilities > Omron > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-24 | CVE-2024-33687 | Insufficient Verification of Data Authenticity vulnerability in Omron products Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. | 7.5 |
2024-01-22 | CVE-2022-45792 | Path Traversal vulnerability in Omron Sysmac Studio Project files may contain malicious contents which the software will use to create files on the filesystem. | 7.8 |
2024-01-10 | CVE-2022-45794 | Missing Authentication for Critical Function vulnerability in Omron products An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card. | 7.5 |
2024-01-10 | CVE-2022-45793 | Incorrect Default Permissions vulnerability in Omron Automation Software Sysmac Studio Sysmac Studio installs executables in a directory with poor permissions. | 7.8 |
2023-08-03 | CVE-2023-22277 | Use After Free vulnerability in Omron Cx-Programmer Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. | 7.8 |
2023-08-03 | CVE-2023-22314 | Use After Free vulnerability in Omron Cx-Programmer Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. | 7.8 |
2023-08-03 | CVE-2023-22317 | Use After Free vulnerability in Omron Cx-Programmer Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. | 7.8 |
2023-08-03 | CVE-2023-38747 | Out-of-bounds Write vulnerability in Omron Cx-Programmer Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. | 7.8 |
2023-08-03 | CVE-2023-38748 | Use After Free vulnerability in Omron Cx-Programmer Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. | 7.8 |
2023-08-03 | CVE-2023-38744 | Unspecified vulnerability in Omron products Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit. | 7.5 |