Vulnerabilities > Omron > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-38746 | Out-of-bounds Read vulnerability in Omron Cx-Programmer Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. | 7.8 |
| 2023-05-10 | CVE-2023-27385 | Out-of-bounds Write vulnerability in Omron Cx-Drive 3.00/3.01 Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. | 7.8 |
| 2023-01-17 | CVE-2023-22366 | Access of Uninitialized Pointer vulnerability in Omron Cx-Motion-Mch Firmware 2.32 CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. | 7.8 |
| 2022-12-21 | CVE-2022-46282 | Use After Free vulnerability in Omron Cx-Drive 3.00 Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file, | 7.8 |
| 2022-12-07 | CVE-2022-43508 | Use After Free vulnerability in Omron Cx-Programmer Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-12-07 | CVE-2022-43509 | Out-of-bounds Write vulnerability in Omron Cx-Programmer Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-12-07 | CVE-2022-43667 | Out-of-bounds Write vulnerability in Omron Cx-Programmer Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. | 7.8 |
| 2022-09-12 | CVE-2022-2979 | Use After Free vulnerability in Omron Cx-Programmer Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. | 7.8 |
| 2022-07-26 | CVE-2022-31204 | Cleartext Transmission of Sensitive Information vulnerability in Omron products Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. | 7.5 |
| 2022-07-26 | CVE-2022-31205 | Cleartext Storage of Sensitive Information vulnerability in Omron products In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication. | 7.5 |