Out-of-Bounds Read Vulnerability in CX-Programmer by Omron
CVE-2025-0591

7.8HIGH

Key Information:

Vendor: Omron Corporation
Status: Fa Integrated Tool Package Cx-one
Vendor: CVE Published:; 17 February 2025

🔔 Create Omron Corporation Vulnerability Alert

What is CVE-2025-0591?

An out-of-bounds read vulnerability has been identified in Omron's CX-Programmer software, which could allow attackers to access sensitive information or potentially crash the application. This flaw arises when the software fails to properly validate input lengths, leading to unauthorized data access. Organizations using CX-Programmer are encouraged to take immediate steps to mitigate risks associated with this vulnerability, as it can compromise data integrity and application stability.

Affected Version(s)

FA Integrated Tool Package CX-One Ver.9.83 or lower

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en...

https://www.fa.omron.co.jp/product/security/assets/pdf/ja...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2025