Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-1384

Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the controller products.

Published

2025-07-14T00:15:22.077

Last Modified

2025-07-15T13:14:24.053

Status

Awaiting Analysis

Source

bba440f9-ef23-4224-aa62-7ac0935d18d1

Severity

CVSSv3.1: 7.0 (HIGH)

Weaknesses

Type: Secondary
CWE-272

Affected Vendors & Products

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-004_en.pdf (bba440f9-ef23-4224-aa62-7ac0935d18d1)
https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-004_ja.pdf (bba440f9-ef23-4224-aa62-7ac0935d18d1)