Search
Find a vulnerability
Search criteria
5 vulnerabilities by OMRON SOCIAL SOLUTIONS Co.,Ltd.
JVNDB-2026-011472
Vulnerability from jvndb - Published: 2026-04-17 14:54 - Updated:2026-04-17 14:54Summary
OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries
Details
The UPS (Uninterruptible Power Supply) management application provided by OMRON Corporation may insecurely load Dynamic Link Libraries due to an issue with uncontrolled search path element (CWE-427, CVE-2026-5397).
OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
| Type | URL | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-011472.html",
"dc:date": "2026-04-17T14:54+09:00",
"dcterms:issued": "2026-04-17T14:54+09:00",
"dcterms:modified": "2026-04-17T14:54+09:00",
"description": "The UPS (Uninterruptible Power Supply) management application provided by OMRON Corporation may insecurely load Dynamic Link Libraries due to an issue with uncontrolled search path element (CWE-427, CVE-2026-5397).\r\n\r\nOMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-011472.html",
"sec:cpe": {
"#text": "cpe:/a:omron_socilal_solutions:powerattendant_standard_edition",
"@product": "PowerAttendant Standard Edition",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2026-011472",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94583735/index.html",
"@id": "JVNVU#94583735",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-5397",
"@id": "CVE-2026-5397",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/427.html",
"@id": "CWE-427",
"@title": "Uncontrolled Search Path Element(CWE-427)"
}
],
"title": "OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries"
}
JVNDB-2025-014105
Vulnerability from jvndb - Published: 2025-09-19 16:21 - Updated:2025-09-19 16:21Summary
OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path
Details
Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd. registers a Windows service with an unquoted file path (CWE-428, CVE-2025-9818).
OMRON SOCIAL SOLUTIONS Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014105.html",
"dc:date": "2025-09-19T16:21+09:00",
"dcterms:issued": "2025-09-19T16:21+09:00",
"dcterms:modified": "2025-09-19T16:21+09:00",
"description": "Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd. registers a Windows service with an unquoted file path (CWE-428, CVE-2025-9818). \r\n\r\nOMRON SOCIAL SOLUTIONS Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014105.html",
"sec:cpe": [
{
"#text": "cpe:/a:omron_socilal_solutions:poweract_pro",
"@product": "PowerAct Pro",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron_socilal_solutions:powerattendant_basic_edition",
"@product": "PowerAttendant Basic Edition",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron_socilal_solutions:powerattendant_standard_edition",
"@product": "PowerAttendant Standard Edition",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron_socilal_solutions:simple_shutdown_software",
"@product": "Simple Shutdown Software",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
}
],
"sec:identifier": "JVNDB-2025-014105",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU93403671/index.html",
"@id": "JVNVU#93403671",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-9818",
"@id": "CVE-2025-9818",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/428.html",
"@id": "CWE-428",
"@title": "Unquoted Search Path or Element(CWE-428)"
}
],
"title": "OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path"
}
JVNDB-2019-000020
Vulnerability from jvndb - Published: 2019-03-27 14:41 - Updated:2019-09-27 10:38
Severity
Summary
PowerAct Pro Master Agent for Windows fails to restrict acess permissions
Details
PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions.
Hosono, Akane reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000020.html",
"dc:date": "2019-09-27T10:38+09:00",
"dcterms:issued": "2019-03-27T14:41+09:00",
"dcterms:modified": "2019-09-27T10:38+09:00",
"description": "PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions.\r\n\r\nHosono, Akane reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000020.html",
"sec:cpe": {
"#text": "cpe:/a:omron_socilal_solutions:poweract_pro_master_agent",
"@product": "PowerAct Pro Master Agent",
"@vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.\t",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "1.7",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "3.3",
"@severity": "Low",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2019-000020",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN63981842/index.html",
"@id": "JVN#63981842",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16207",
"@id": "CVE-2018-16207",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-16207",
"@id": "CVE-2018-16207",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "PowerAct Pro Master Agent for Windows fails to restrict acess permissions"
}
CVE-2018-16207 (GCVE-0-2018-16207)
Vulnerability from nvd – Published: 2019-03-27 13:17 – Updated: 2024-08-05 10:17
VLAI
Summary
PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Fails to restrict access
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.oss.omron.co.jp/ups/info/topics/190326.html | x_refsource_MISC |
| https://www.oss.omron.co.jp/ups/support/download/… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN63981842/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| OMRON SOCIAL SOLUTIONS Co.,Ltd. | PowerAct Pro Master Agent for Windows |
Affected:
Version 5.13 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerAct Pro Master Agent for Windows",
"vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Version 5.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to restrict access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-27T13:17:58.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerAct Pro Master Agent for Windows",
"version": {
"version_data": [
{
"version_value": "Version 5.13 and earlier"
}
]
}
}
]
},
"vendor_name": "OMRON SOCIAL SOLUTIONS Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to restrict access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oss.omron.co.jp/ups/info/topics/190326.html",
"refsource": "MISC",
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"name": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html",
"refsource": "MISC",
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"name": "https://jvn.jp/en/jp/JVN63981842/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16207",
"datePublished": "2019-03-27T13:17:58.000Z",
"dateReserved": "2018-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16207 (GCVE-0-2018-16207)
Vulnerability from cvelistv5 – Published: 2019-03-27 13:17 – Updated: 2024-08-05 10:17
VLAI
Summary
PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Fails to restrict access
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.oss.omron.co.jp/ups/info/topics/190326.html | x_refsource_MISC |
| https://www.oss.omron.co.jp/ups/support/download/… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN63981842/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| OMRON SOCIAL SOLUTIONS Co.,Ltd. | PowerAct Pro Master Agent for Windows |
Affected:
Version 5.13 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerAct Pro Master Agent for Windows",
"vendor": "OMRON SOCIAL SOLUTIONS Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Version 5.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to restrict access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-27T13:17:58.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerAct Pro Master Agent for Windows",
"version": {
"version_data": [
{
"version_value": "Version 5.13 and earlier"
}
]
}
}
]
},
"vendor_name": "OMRON SOCIAL SOLUTIONS Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to restrict access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oss.omron.co.jp/ups/info/topics/190326.html",
"refsource": "MISC",
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"name": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html",
"refsource": "MISC",
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"name": "https://jvn.jp/en/jp/JVN63981842/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16207",
"datePublished": "2019-03-27T13:17:58.000Z",
"dateReserved": "2018-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}