When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.
| CVE ID ⇅ | Severity ↓ | Description | |
|---|---|---|---|
| CVE-2018-17907 | LOW | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with t… | › |
| CVE-2015-1015 | LOW | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 … | › |
| CVE-2015-0988 | LOW | Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project sourc… | › |