Least Privilege Violation in NJ/NX-series Machine Automation Controllers by Omron
CVE-2025-1384

7HIGH

Key Information:

Vendor: Omron Corporation
Status: Machine Automation Controller Nj-series; Machine Automation Controller Nx-series; Sysmac Studio Software
Vendor: CVE Published:; 14 July 2025

🔔 Create Omron Corporation Vulnerability Alert

What is CVE-2025-1384?

A vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and Sysmac Studio Software. This flaw allows attackers to exploit least privilege violations, potentially gaining unauthorized access to the controller and executing remote code. It is crucial for users of these products to address this vulnerability to ensure the security of their operations and prevent unauthorized manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Machine Automation Controller NJ-series NJ101-[][][][] Ver.1.67.00 or lower

Machine Automation Controller NJ-series NJ301-1[]00 Ver.1.67.00 or lower

Machine Automation Controller NJ-series NJ501-1[]00 Ver.1.67.02 or lower

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en...

https://www.fa.omron.co.jp/product/security/assets/pdf/ja...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2025

JSON

Omron Corporation