26 matches found
EUVD-2024-50579
Malicious code in bioql PyPI...
Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers
Overview Least privilege violation vulnerability CWE-272 exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software provided by OMRON Corporation. - CVE-2025-1384 OMRON Corporation reported this vulnerability to JPCERT/CC to notify...
CVE-2025-1384 Least Privilege Violation Vulnerability in the communications functions of NJ/NX-series Machine Automation Controllers
Least Privilege Violation CWE-272 Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the...
CVE-2025-1384 Least Privilege Violation Vulnerability in the communications functions of NJ/NX-series Machine Automation Controllers
Least Privilege Violation CWE-272 Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the...
CVE-2025-1384
CVE-2025-1384 affects Omron NJ/NX-series Machine Automation Controllers and Sysmac Studio Software. The issue is a Least Privilege Violation (CWE-272) in the communications function between these products, allowing a remote attacker to gain unauthorized access and potentially execute arbitrary co...
Omron Sysmac Studio和Omron NJ/NX-series Machine Automation Controllers 安全漏洞
Omron Sysmac Studio and Omron NJ/NX-series Machine Automation Controllers are both products of Omron Japan.Omron Sysmac Studio is a unique environment that integrates logic, motion and drives, robotics, safety, visualization, sensing and information technology into one project. , sensing, and...
CVE-2024-33687
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration...
CVE-2024-12083
Path Traversal Vulnerabilities CWE-22 exist in NJ/NX-series Machine Automation Controllers. An attacker may use these vulnerabilities to perform unauthorized access and to execute unauthorized code remotely to the controller products...
PT-2025-16195 · H3C · H3C Magic Nx15 +3
Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 Description: A critical vulnerability has been found in H3C Magic NX series...
PT-2025-16190 · H3C · H3C Magic Nx15 +3
Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 Description: A critical vulnerability was found in the H3C Magic NX series,...
CVE-2024-12083 Path Traversal Vulnerabilities in NJ/NX-series Machine Automation Controllers
Path Traversal Vulnerabilities CWE-22 exist in NJ/NX-series Machine Automation Controllers. An attacker may use these vulnerabilities to perform unauthorized access and to execute unauthorized code remotely to the controller products...
CVE-2024-12083
The CVE-2024-12083 issue affects Omron NJ/NX-series Machine Automation Controllers. A path traversal vulnerability (CWE-22) exists in the NJ/NX product line, allowing a remote attacker (with administrative privileges) to access arbitrary files and potentially execute arbitrary code on the control...
CVE-2024-33687
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration...
CVE-2024-33687
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration...
CVE-2024-33687
CVE-2024-33687 concerns Omron NJ/NX series CPU units (all versions) with an insufficient verification of data authenticity (CWE-345). The issue allows altered user programs to potentially go undetected. Root cause is improper verification of data authenticity in affected devices. Impact notes fro...
CVE-2024-33687
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration...
CVE-2024-27121
Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote attacker with an...
Path traversal
Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote attacker with an...
CVE-2024-27121
The CVE-2024-27121 issue affects Omron Machine Automation Controller NJ Series and NX Series. A path traversal vulnerability could allow an attacker with administrative privileges to access arbitrary files or execute code by processing a specially crafted request sent remotely. The vendor notes m...
PT-2024-21660 · Omron · Machine Automation Controller Nj Series +1
Name of the Vulnerable Software and Affected Versions: Machine Automation Controller NJ Series affected versions not specified Machine Automation Controller NX Series affected versions not specified Description: A path traversal vulnerability exists, allowing an arbitrary file in the affected...