2024-06-24
|
CVE-2024-33687
|
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration.
|
Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-1400_firmware, Nj501\-140_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4310_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300\-1_firmware, Nj501\-5300_firmware, Nj501\-R300_firmware, Nj501\-R320_firmware, Nj501\-R400_firmware, Nj501\-R420_firmware, Nj501\-R500_firmware, Nj501\-R520_firmware, Nj\-Pa3001_firmware, Nj\-Pd3001_firmware, Nx102\-1000_firmware, Nx102\-1020_firmware, Nx102\-1100_firmware, Nx102\-1120_firmware, Nx102\-1200_firmware, Nx102\-1220_firmware, Nx102\-9000_firmware, Nx102\-9020_firmware, Nx1p2\-1040dt1_firmware, Nx1p2\-1040dt_firmware, Nx1p2\-1140dt1_firmware, Nx1p2\-1140dt_firmware, Nx1p2\-9024dt1_firmware, Nx1p2\-9024dt_firmware, Nx1w\-Adb21_firmware, Nx1w\-Cif01_firmware, Nx1w\-Cif11_firmware, Nx1w\-Cif12_firmware, Nx1w\-Dab21v_firmware, Nx1w\-Mab221_firmware, Nx701\-1600_firmware, Nx701\-1620_firmware, Nx701\-1700_firmware, Nx701\-1720_firmware, Nx701\-Z600_firmware, Nx701\-Z700_firmware
|
7.5
|
|
|
2022-07-04
|
CVE-2022-34151
|
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully...
|
Na5\-12w_firmware, Na5\-15w_firmware, Na5\-7w_firmware, Na5\-9w_firmware, Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-140_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4310_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300_firmware, Nj501\-R300_firmware, Nj501\-R320_firmware, Nj501\-R400_firmware, Nj501\-R420_firmware, Nj501\-R500_firmware, Nj501\-R520_firmware, Nj\-Pa3001_firmware, Nj\-Pd3001_firmware, Nx102\-1000_firmware, Nx102\-1020_firmware, Nx102\-1100_firmware, Nx102\-1120_firmware, Nx102\-1200_firmware, Nx102\-1220_firmware, Nx102\-9020_firmware, Nx1p2\-1040dt1_firmware, Nx1p2\-1040dt_firmware, Nx1p2\-1140dt1_firmware, Nx1p2\-1140dt_firmware, Nx1p2\-9024dt1_firmware, Nx1p2\-9024dt_firmware, Nx1w\-Adb21_firmware, Nx1w\-Cif01_firmware, Nx1w\-Cif11_firmware, Nx1w\-Cif12_firmware, Nx1w\-Dab21v_firmware, Nx1w\-Mab221_firmware, Nx701\-1600_firmware, Nx701\-1620_firmware, Nx701\-1700_firmware, Nx701\-1720_firmware, Nx701\-Z600_firmware, Nx701\-Z700_firmware, Sysmac_studio
|
8.1
|
|
|
2022-07-26
|
CVE-2022-31206
|
The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC's runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be...
|
Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-1400_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300\-1_firmware, Nj501\-5300_firmware, Nx701\-1600_firmware, Nx701\-1620_firmware, Nx701\-1700_firmware, Nx701\-1720_firmware, Nx701\-Z600_firmware, Nx701\-Z700_firmware
|
9.8
|
|
|
2022-07-04
|
CVE-2022-33208
|
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who can...
|
Na5\-12w_firmware, Na5\-15w_firmware, Na5\-7w_firmware, Na5\-9w_firmware, Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-140_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4310_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300_firmware, Nj501\-R300_firmware, Nj501\-R320_firmware, Nj501\-R400_firmware, Nj501\-R420_firmware, Nj501\-R500_firmware, Nj501\-R520_firmware, Nj\-Pa3001_firmware, Nj\-Pd3001_firmware, Nx102\-1000_firmware, Nx102\-1020_firmware, Nx102\-1100_firmware, Nx102\-1120_firmware, Nx102\-1200_firmware, Nx102\-1220_firmware, Nx102\-9020_firmware, Nx1p2\-1040dt1_firmware, Nx1p2\-1040dt_firmware, Nx1p2\-1140dt1_firmware, Nx1p2\-1140dt_firmware, Nx1p2\-9024dt1_firmware, Nx1p2\-9024dt_firmware, Nx1w\-Adb21_firmware, Nx1w\-Cif01_firmware, Nx1w\-Cif11_firmware, Nx1w\-Cif12_firmware, Nx1w\-Dab21v_firmware, Nx1w\-Mab221_firmware, Nx701\-1600_firmware, Nx701\-1620_firmware, Nx701\-1700_firmware, Nx701\-1720_firmware, Nx701\-Z600_firmware, Nx701\-Z700_firmware, Sysmac_studio
|
8.1
|
|
|
2022-07-04
|
CVE-2022-33971
|
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.
|
Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-140_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4310_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300_firmware, Nj501\-R300_firmware, Nj501\-R320_firmware, Nj501\-R400_firmware, Nj501\-R420_firmware, Nj501\-R500_firmware, Nj501\-R520_firmware, Nj\-Pa3001_firmware, Nj\-Pd3001_firmware, Nx102\-1000_firmware, Nx102\-1020_firmware, Nx102\-1100_firmware, Nx102\-1120_firmware, Nx102\-1200_firmware, Nx102\-1220_firmware, Nx102\-9020_firmware, Nx1p2\-1040dt1_firmware, Nx1p2\-1040dt_firmware, Nx1p2\-1140dt1_firmware, Nx1p2\-1140dt_firmware, Nx1p2\-9024dt1_firmware, Nx1p2\-9024dt_firmware, Nx1w\-Adb21_firmware, Nx1w\-Cif01_firmware, Nx1w\-Cif11_firmware, Nx1w\-Cif12_firmware, Nx1w\-Dab21v_firmware, Nx1w\-Mab221_firmware, Nx701\-1600_firmware, Nx701\-1620_firmware, Nx701\-1700_firmware, Nx701\-1720_firmware, Nx701\-Z600_firmware, Nx701\-Z700_firmware
|
7.5
|
|
|