CVE-2022-34151

CVE-2022-34151 affects Omron NJ/NX-series Machine Automation Controllers, Sysmac Studio, and NA-series PTs. Root cause: hard-coded credentials in affected components may let a remote attacker obtain credentials and access the controller. Affected versions: NJ/NX controllers (NJ1/NJ series up to v...

CVE-2022-33208

CVE-2022-33208 is an authentication bypass by capture-replay affecting Omron NJ/NX-series Machine Automation Controllers (NJ 1.48 and earlier; NX7 1.28 and earlier; NX1 1.48 and earlier), Sysmac Studio (≤1.49), and NA-series PT runtimes (NA5-15W/12W/9W/7W ≤1.15). A remote attacker who can analyze...

CVE-2022-31206

CVE-2022-31206 affects Omron SYSMAC Nx product family PLCs (NJ/NY/NX/PMAC) prior to 2022-05-18. The issue is that the transferred PLC logic is not cryptographically authenticated, allowing an attacker to modify transmitted object code and execute arbitrary machine code on the PLC CPU module withi...

CVE-2022-33971

CVE-2022-33971 affects Omron NJ/NX-series Machine Automation Controllers. An adjacent attacker who can analyze the communication between the controller and internal software may bypass authentication via capture-replay, potentially causing a DoS or enabling execution of a malicious program. Affec...

CVE-2024-33687

CVE-2024-33687 concerns Omron NJ/NX series CPU units (all versions) with an insufficient verification of data authenticity (CWE-345). The issue allows altered user programs to potentially go undetected. Root cause is improper verification of data authenticity in affected devices. Impact notes fro...

CVE-2023-27396

CVE-2023-27396 affects Omron FINS protocol used in SYSMAC factory controllers. Issues: plaintext communication and no authentication allow interception, and arbitrary FINS messages can execute commands or reveal system info. Affected: SYSMAC CS-, CJ-, CP-, NJ-, NX1P-, NX102-series CPU Units (all ...