Path Traversal Vulnerabilities in Omron NJ/NX-series Machine Automation Controllers
CVE-2024-12083

6.6MEDIUM

Key Information:

Vendor: Omron Corporation
Status: Machine Automation Controller Nj-series; Machine Automation Controller Nx-series
Vendor: CVE Published:; 14 January 2025

Summary

Path Traversal vulnerabilities in Omron NJ/NX-series Machine Automation Controllers allow attackers to gain unauthorized access to the system. By exploiting these vulnerabilities, an individual could potentially execute arbitrary code remotely on these controller products, compromising the integrity and confidentiality of the automation processes. This poses a significant risk to organizations that rely on these systems for operational control and efficiency.

Affected Version(s)

Machine Automation Controller NJ-series NJ101-[][][][] Ver.1.64.05 and lower

Machine Automation Controller NJ-series NJ301-[][][][] Ver.1.64.05 and lower

Machine Automation Controller NJ-series NJ501-1[]0[] Ver.1.64.05 and lower

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en...

https://www.fa.omron.co.jp/product/security/assets/pdf/ja...

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 14, 2025
Vulnerability Reserved
Dec 3, 2024