Search
Find a vulnerability
Search criteria
3 vulnerabilities found for SYSMAC-SE2[][][] by OMRON Corporation
JVNDB-2024-011833
Vulnerability from jvndb - Published: 2024-11-05 15:29 - Updated:2024-11-05 15:29
Severity
Summary
Incorrect authorization vulnerability in OMRON Sysmac Studio
Details
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501).
OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory publication.
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-011833.html",
"dc:date": "2024-11-05T15:29+09:00",
"dcterms:issued": "2024-11-05T15:29+09:00",
"dcterms:modified": "2024-11-05T15:29+09:00",
"description": "Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501).\r\n\r\nOMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory publication.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-011833.html",
"sec:cpe": {
"#text": "cpe:/a:omron:sysmac-se2",
"@product": "SYSMAC-SE2[][][]",
"@vendor": "OMRON Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2024-011833",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU95685374/index.html",
"@id": "JVNVU#95685374",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-49501",
"@id": "CVE-2024-49501",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/863.html",
"@id": "CWE-863",
"@title": "Incorrect Authorization(CWE-863)"
}
],
"title": "Incorrect authorization vulnerability in OMRON Sysmac Studio"
}
CVE-2024-49501 (GCVE-0-2024-49501)
Vulnerability from nvd – Published: 2024-11-01 04:07 – Updated: 2024-11-01 15:06
VLAI
Summary
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| OMRON Corporation | SYSMAC-SE2[][][] |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:06:44.922885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:06:52.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SYSMAC-SE2[][][]",
"vendor": "OMRON Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect authorization",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T04:07:39.666Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-006_en.pdf"
},
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2024-006_ja.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU95685374"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-49501",
"datePublished": "2024-11-01T04:07:39.666Z",
"dateReserved": "2024-10-15T11:32:15.313Z",
"dateUpdated": "2024-11-01T15:06:52.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49501 (GCVE-0-2024-49501)
Vulnerability from cvelistv5 – Published: 2024-11-01 04:07 – Updated: 2024-11-01 15:06
VLAI
Summary
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| OMRON Corporation | SYSMAC-SE2[][][] |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:06:44.922885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:06:52.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SYSMAC-SE2[][][]",
"vendor": "OMRON Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect authorization",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T04:07:39.666Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-006_en.pdf"
},
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2024-006_ja.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU95685374"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-49501",
"datePublished": "2024-11-01T04:07:39.666Z",
"dateReserved": "2024-10-15T11:32:15.313Z",
"dateUpdated": "2024-11-01T15:06:52.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}