Path Traversal Vulnerability in Omron Machine Automation Controllers
CVE-2024-27121

Currently unrated

Key Information:

Vendor: Omron Corporation
Status: Machine Automation Controller Nj Series; Machine Automation Controller Nx Series
Vendor: CVE Published:; 12 March 2024

🔔 Create Omron Corporation Vulnerability Alert

What is CVE-2024-27121?

A path traversal vulnerability in the Machine Automation Controllers NJ and NX Series allows a remote attacker with administrative privileges to access arbitrary files or execute arbitrary code. This flaw arises when the device processes a specially crafted request. Attackers exploiting this vulnerability could potentially manipulate sensitive information or execute harmful commands, emphasizing the critical need for user awareness and prompt action in mitigating the associated risks.

Affected Version(s)

Machine Automation Controller NJ Series NJ101-[][][][] Ver.1.64.03 and earlier

Machine Automation Controller NJ Series NJ301-[][][][] Ver.1.64.00 and earlier

Machine Automation Controller NJ Series NJ501-1[]0[] Ver.1.64.03 and earlier

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en...

https://www.fa.omron.co.jp/product/security/assets/pdf/ja...

https://jvn.jp/en/vu/JVNVU95852116/index.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Feb 20, 2024