Cross-Site Scripting Vulnerability in Omron HMI Terminals
CVE-2014-2370

Currently unrated

Key Information:

Vendor

Omron

Status
Ns15
Ns12
Ns10
Ns8
Vendor
CVE Published:
24 July 2014

What is CVE-2014-2370?

A cross-site scripting vulnerability exists in the web application of Omron's NS5, NS8, NS10, NS12, and NS15 HMI terminals, specifically impacting versions 8.1xx through 8.68x. This flaw allows remote authenticated users to inject arbitrary web script or HTML, potentially leading to unauthorized actions or data exposure when untrusted data is processed in a web context. The vulnerability arises when the application fails to properly validate input, facilitating malicious users to execute script code within the context of another user's session.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NS10 8.1xx < 8.68x

NS12 8.1xx < 8.68x

NS15 8.1xx < 8.68x

References

https://www.cisa.gov/news-events/ics-advisories/icsa-14-2...
https://automation.omron.com/en/us/products/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.