Remote code execution in OMRON NJ/NX series Machine Automation Controllers

1) Least Privilege Violation

EUVDB-ID: #VU112872

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-1384

CWE-ID: CWE-272 - Least Privilege Violation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to least privilege violation issue in the communication function. A remote attacker can perform arbitrary operations and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Machine Automation Controller NJ101-xxxx: - - 1.67.00

Machine Automation Controller NJ301-1x00: - - 1.67.00

Machine Automation Controller NJ501-1x00: - - 1.67.02

Machine Automation Controller NJ501-1x20: - - 1.68.01

Machine Automation Controller NJ501-1340: - - 1.67.00

Machine Automation Controller NJ501-4xxxx: - - 1.67.00

Machine Automation Controller NJ501-5300: - - 1.67.01

Machine Automation Controller NJ501-Rx00: - - 1.67.01

Machine Automation Controller NJ501-Rx20: - - 1.67.00

Machine Automation Controller NX102-xxxxx: - - 1.68.01

Machine Automation Controller NX1P2-xxxxxxx: - - 1.64.09

Machine Automation Controller NX1P2-xxxxxxx1: - - 1.64.09

Machine Automation Controller NX502-xxxxx: - - 1.68.01

Machine Automation Controller NX701-xxxxx: - - 1.35.09

SYSMAC-SE2xx: before 1.69.00

CPE2.3

• cpe:2.3:h:omron:machine_automation_controller_nj101-xxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj101-xxxx:1.67.00:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj301-1x00:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj301-1x00:1.67.00:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1x00:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1x00:1.67.02:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1x20:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1x20:1.68.01:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1340:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-1340:1.67.00:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-4xxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-5300:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-rx00:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nj501-rx20:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nx102-xxxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nx1p2-xxxxxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nx1p2-xxxxxxx1:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nx502-xxxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:machine_automation_controller_nx701-xxxxx:*:*:*:*:*:*:*:*
• cpe:2.3:h:omron:sysmac-se2xx:*:*:*:*:*:*:*:*

External links

https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-004_en.pdf
https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-004_ja.pdf
https://jvn.jp/en/vu/JVNVU96149970/index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.