Search

Find a vulnerability

Search criteria

    5 vulnerabilities by OMRON SOCIAL SOLUTIONS Co.,Ltd.

    JVNDB-2026-011472

    Vulnerability from jvndb - Published: 2026-04-17 14:54 - Updated:2026-04-17 14:54
    Summary
    OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries
    Details
    The UPS (Uninterruptible Power Supply) management application provided by OMRON Corporation may insecurely load Dynamic Link Libraries due to an issue with uncontrolled search path element (CWE-427, CVE-2026-5397). OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-011472.html",
      "dc:date": "2026-04-17T14:54+09:00",
      "dcterms:issued": "2026-04-17T14:54+09:00",
      "dcterms:modified": "2026-04-17T14:54+09:00",
      "description": "The UPS (Uninterruptible Power Supply) management application provided by OMRON Corporation may insecurely load Dynamic Link Libraries due to an issue with uncontrolled search path element (CWE-427, CVE-2026-5397).\r\n\r\nOMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-011472.html",
      "sec:cpe": {
        "#text": "cpe:/a:omron_socilal_solutions:powerattendant_standard_edition",
        "@product": "PowerAttendant Standard Edition",
        "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
        "@version": "2.2"
      },
      "sec:identifier": "JVNDB-2026-011472",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU94583735/index.html",
          "@id": "JVNVU#94583735",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-5397",
          "@id": "CVE-2026-5397",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/427.html",
          "@id": "CWE-427",
          "@title": "Uncontrolled Search Path Element(CWE-427)"
        }
      ],
      "title": "OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries"
    }

    JVNDB-2025-014105

    Vulnerability from jvndb - Published: 2025-09-19 16:21 - Updated:2025-09-19 16:21
    Summary
    OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path
    Details
    Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd. registers a Windows service with an unquoted file path (CWE-428, CVE-2025-9818). OMRON SOCIAL SOLUTIONS Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014105.html",
      "dc:date": "2025-09-19T16:21+09:00",
      "dcterms:issued": "2025-09-19T16:21+09:00",
      "dcterms:modified": "2025-09-19T16:21+09:00",
      "description": "Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd. registers a Windows service with an unquoted file path (CWE-428, CVE-2025-9818). \r\n\r\nOMRON SOCIAL SOLUTIONS Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014105.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:omron_socilal_solutions:poweract_pro",
          "@product": "PowerAct Pro",
          "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:omron_socilal_solutions:powerattendant_basic_edition",
          "@product": "PowerAttendant Basic Edition",
          "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:omron_socilal_solutions:powerattendant_standard_edition",
          "@product": "PowerAttendant Standard Edition",
          "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:omron_socilal_solutions:simple_shutdown_software",
          "@product": "Simple Shutdown Software",
          "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2025-014105",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU93403671/index.html",
          "@id": "JVNVU#93403671",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-9818",
          "@id": "CVE-2025-9818",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/428.html",
          "@id": "CWE-428",
          "@title": "Unquoted Search Path or Element(CWE-428)"
        }
      ],
      "title": "OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path"
    }

    JVNDB-2019-000020

    Vulnerability from jvndb - Published: 2019-03-27 14:41 - Updated:2019-09-27 10:38
    Severity
    Summary
    PowerAct Pro Master Agent for Windows fails to restrict acess permissions
    Details
    PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions. Hosono, Akane reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000020.html",
      "dc:date": "2019-09-27T10:38+09:00",
      "dcterms:issued": "2019-03-27T14:41+09:00",
      "dcterms:modified": "2019-09-27T10:38+09:00",
      "description": "PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions.\r\n\r\nHosono, Akane reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000020.html",
      "sec:cpe": {
        "#text": "cpe:/a:omron_socilal_solutions:poweract_pro_master_agent",
        "@product": "PowerAct Pro Master Agent",
        "@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "1.7",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "3.3",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2019-000020",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN63981842/index.html",
          "@id": "JVN#63981842",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16207",
          "@id": "CVE-2018-16207",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-16207",
          "@id": "CVE-2018-16207",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "PowerAct Pro Master Agent for Windows fails to restrict acess permissions"
    }

    CVE-2018-16207 (GCVE-0-2018-16207)

    Vulnerability from nvd – Published: 2019-03-27 13:17 – Updated: 2024-08-05 10:17
    VLAI
    Summary
    PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:38.427Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PowerAct Pro Master Agent for Windows",
              "vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version 5.13 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-27T13:17:58.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-16207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PowerAct Pro Master Agent for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version 5.13 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "OMRON SOCIAL SOLUTIONS Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oss.omron.co.jp/ups/info/topics/190326.html",
                  "refsource": "MISC",
                  "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
                },
                {
                  "name": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html",
                  "refsource": "MISC",
                  "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN63981842/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-16207",
        "datePublished": "2019-03-27T13:17:58.000Z",
        "dateReserved": "2018-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:38.427Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-16207 (GCVE-0-2018-16207)

    Vulnerability from cvelistv5 – Published: 2019-03-27 13:17 – Updated: 2024-08-05 10:17
    VLAI
    Summary
    PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:38.427Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PowerAct Pro Master Agent for Windows",
              "vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version 5.13 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-27T13:17:58.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-16207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PowerAct Pro Master Agent for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version 5.13 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "OMRON SOCIAL SOLUTIONS Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oss.omron.co.jp/ups/info/topics/190326.html",
                  "refsource": "MISC",
                  "url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
                },
                {
                  "name": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html",
                  "refsource": "MISC",
                  "url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN63981842/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN63981842/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-16207",
        "datePublished": "2019-03-27T13:17:58.000Z",
        "dateReserved": "2018-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:38.427Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }